2018-11-26 THRU 2018-11-30 - FIVE EXAMPLES OF EMOTET INFECTIONS

ASSOCIATED FILES:

• 2018-11-26-example-of-Emotet-malspam-with-attachment.eml.zip   54 kB (54,352 bytes)
• 2018-11-26-Emotet-infection-with-IcedID.pcap.zip   3.6 MB (3,594,589 bytes)
• 2018-11-26-Emotet-and-Iced-ID-malware.zip   1.8 MB (1,779,280 bytes)

• 2018-11-27-example-of-Emotet-malspam-with-attachment.eml.zip   106 kB (105,628 bytes)
• 2018-11-27-Emotet-infection-with-IcedID.pcap.zip   1.6 MB (1,631,209 bytes)
• 2018-11-27-Emotet-and-Iced-ID-malware.zip   567 kB (567,000 bytes)

• 2018-11-28-example-of-Emotet-malspam-with-attachment.eml.zip   104 kB (104,469 bytes)
• 2018-11-28-Emotet-infection-with-IcedID.pcap.zip   2.1 MB (2,139,841 bytes)
• 2018-11-28-Emotet-and-Iced-ID-malware.zip   556 kB (555,920 bytes)

• 2018-11-29-example-of-Emotet-malspam-with-attachment.eml.zip   104 kB (103,605 bytes)
• 2018-11-29-Emotet-infection-with-IcedID.pcap.zip   1.5 MB (1,475,992 bytes)
• 2018-11-29-Emotet-and-Iced-ID-malware.zip   491 kB (491,415 bytes)

• 2018-11-30-example-of-Emotet-malspam-with-attachment.eml.zip   99 kB (98,995 bytes)
• 2018-11-30-Emotet-infection-with-IcedID-and-Trickbot.pcap.zip   8.9 MB (8,937,034 bytes)
• 2018-11-30-Emotet-and-IcedID-and-Trickbot-malware.zip   998 kB (997,794 bytes)

 

NOTES:

• I triggered Emotet infections in my lab every day this past week from Monday 2018-11-26 through Friday 2018-11-30.
• In every case, I saw IcedID (Bokbot) as the follow-up malware.
• On Friday 2018-11-30, I both IcedID and Trickbot (gtag: del108) as the follow-up malware.
• All five examples were triggered from US-based IP addresses.

 

Click here to return to the main page.