2018-11-29 - QUICK POST: MALSPAM PUSHING GOOTKIT

ASSOCIATED FILES:

• 2018-11-29-Gootkit-malspam-1831-UTC.eml.zip   1.8 kB (1,784 bytes)
• 2018-11-29-infection-from-malspam-pushing-Gootkit.pcap.zip   7.6 MB (7,615,758 bytes)
• 2018-11-29-malware-from-Gootkit-infection.zip   571 kB (571,247 bytes)

NOTE:  Zip archives are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

 

IMAGES:

Shown above:  Screenshot of the malspam.

 

Shown above:  Infection traffic filtered in Wireshark.

 

Shown above:  Gootkit running on an infected Windows host.

 

Click here to return to the main page.