2018-07-16 - QUICK POST: EMOTET INFECTION WITH TRICKBOT (GTAG: MON1)
ASSOCIATED FILES:
- 2018-07-16-Emotet-infection-with-Trickbot.pcap.zip 15.5 MB (15,540,622 bytes)
- 2018-07-16-malware-from-Emotet-with-Trickbot-infection.zip 524 kB (524,193 bytes)
IMAGES
Shown above: Word doc downloaded from link in Emotet malspam.
Shown above: Infection traffic filtered in Wireshark.
Shown above: Registry values to keep both Emotet and Trickbot persistent on the infected Windows host.
Shown above: Some of the Trickbot artifacts from today's infection.
FINAL NOTES
Once again, here are the associated files:
- 2018-07-16-Emotet-infection-with-Trickbot.pcap.zip 15.5 MB (15,540,622 bytes)
- 2018-07-16-malware-from-Emotet-with-Trickbot-infection.zip 524 kB (524,193 bytes)
Zip archives are password-protected with the standard password. If you don't know it, look at the "about" page of this website.