2018-11-29 - QUICK POST: GOOTKIT

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

ASSOCIATED FILES:

• 2018-11-29-Gootkit-malspam-1831-UTC.eml.zip   1.8 kB (1,784 bytes)
• 2018-11-29-infection-from-malspam-pushing-Gootkit.pcap.zip   7.6 MB (7,615,757 bytes)
• 2018-11-29-malware-from-Gootkit-infection.zip   572 kB (571,795 bytes)

 

IMAGES:

Shown above:  Screenshot of the malspam.

 

Shown above:  Infection traffic filtered in Wireshark.

 

Shown above:  Gootkit running on an infected Windows host.

 

Click here to return to the main page.