2019-01-22 - QUICK POST: EMOTET + TRICKBOT, ICEDID (BOKBOT), OR GOOTKIT
ASSOCIATED FILES:
- 2019-01-22-Emotet-malspam-5-email-examples.zip 141 kB (140,506 bytes)
- 2019-01-22-1st-run-Emotet-infection-with-Trickbot.pcap.zip 4.5 MB (4,523,187 bytes)
- 2019-01-22-1st-run-Emotet-and-Trickbot-malware.zip 565 kB (565,438 bytes)
- 2019-01-22-2nd-run-Emotet-infection-with-IcedID.pcap.zip 2.2 MB (2,173,278 bytes)
- 2019-01-22-2nd-run-Emotet-and-IceID-malware.zip 493 kB (492,605 bytes)
- 2019-01-22-3rd-run-Emotet-infection-with-Gootkit.pcap.zip 5.4 MB (5,447,373 bytes)
- 2019-01-22-3rd-run-Emotet-and-Gootkit-malware.zip 589 kB (588,543 bytes)
NOTES:
- Zip archives are password-protected with the standard password. If you don't know it, see the "about" page of this website.
Shown above: Flow chart for today's Emotet infections.
Shown above: Traffic from the first infection filtered in Wireshark.
Shown above: Traffic from the second infection filtered in Wireshark.
Shown above: Traffic from the third infection filtered in Wireshark.