Malware-Traffic-Analysis.net - 2020-04-20 - Quick post: Trickbot gtag ono38 infection

2020-04-20 - QUICK POST: TRICKBOT GTAG ONO38 INFECTION

NOTICE:

The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.

ASSOCIATED FILES:

2020-04-20-example-of-malspam-pushing-Trickbot.eml.zip 230 kB (230,141 bytes)

2020-04-20-example-of-malspam-pushing-Trickbot.eml (325,609 bytes)

2020-04-20-Trickbot-gtag-ono38-infection-traffic.pcap.zip 11.9 MB (11,945,839 bytes)

2020-04-20-Trickbot-gtag-ono38-infection-traffic.pcap (13,131,659 bytes)

2020-04-20-Trickbot-gtag-ono38-malware-and-artifacts.zip 9.8 MB (9,841,447 bytes)

2020-04-17-password-protected-XLS-file-with-macro-for-Trickbot.bin (236,544 bytes)

2020-04-20-scheduled-task-to-keep-Trickbot-persistent.txt (3,180 bytes)

CmdValidate/MIwRHxM.exe (459,278 bytes)

CmdValidate/settings.ini (48,923 bytes)

CmdValidate/data/importDll64 (7,696,128 bytes)

CmdValidate/data/injectDll64 (410,560 bytes)

CmdValidate/data/injectDll64_configs/dinj (13,936 bytes)

CmdValidate/data/injectDll64_configs/sinj (1,456 bytes)

CmdValidate/data/injectDll64_configs/dpost (176 bytes)

CmdValidate/data/networkDll64 (58,192 bytes)

CmdValidate/data/networkDll64_configs/dpost (1,456 bytes)

CmdValidate/data/nwormDll64 (27,376 bytes)

CmdValidate/data/pwgrab64 (1,084,784 bytes)

CmdValidate/data/pwgrab64_configs/dpost (1,456 bytes)

Click here to return to the main page.