2017-12-13 - NECURS BOTNET MALSPAM PUSHES TRICKBOT OR GLOBEIMPOSTER RANSOMWARE

NOTICE:

NOTES:

ASSOCIATED FILES:

  • 2017-12-13-Necurs-Botnet-malspam-tracker.csv   (4,914 bytes)
  • artifacts-and-malware/2017-12-07-Trickbot-sample-OlfXexkXp.exe   (384,000 bytes)
  • artifacts-and-malware/2017-12-08-Trickbot-sample-agraba8.exe   (353,183 bytes)
  • artifacts-and-malware/2017-12-11-Trickbot-sample-agraba8.exe   (417,300 bytes)
  • artifacts-and-malware/2017-12-12-Trickbot-sample-dilaryi8.exe   (351,580 bytes)
  • artifacts-and-malware/2017-12-12-follow-up-malware-launcher.exe   (454,656 bytes)
  • artifacts-and-malware/2017-12-13-GlobeImposter-Read___ME.html   (4,248 bytes)
  • artifacts-and-malware/2017-12-13-GlobeImposter-decryptor-style.css   (1,930 bytes)
  • artifacts-and-malware/2017-12-13-GlobeImposter-decryptor.html   (9,394 bytes)
  • artifacts-and-malware/2017-12-13-GlobeImposter-sample-agraba8.exe   (137,728 bytes)
  • attachments/201712_137702.doc   (179,712 bytes)
  • attachments/201712_686900.doc   (179,712 bytes)
  • attachments/201712_692164.doc   (179,712 bytes)
  • attachments/201712_695977.doc   (179,712 bytes)
  • attachments/BU1529 - 12.12.2017.doc   (157,696 bytes)
  • attachments/Invoice INV0000104.7z   (2,029 bytes)
  • attachments/Invoice INV0000531.7z   (2,027 bytes)
  • attachments/Invoice INV0000701.7z   (2,031 bytes)
  • attachments/Invoice INV0000736.7z   (2,036 bytes)
  • attachments/KQZ05 - 12.12.2017.doc   (157,696 bytes)
  • attachments/LKU8662 - 12.12.2017.doc   (157,696 bytes)
  • attachments/QZ12 - 12.12.2017.doc   (157,696 bytes)
  • attachments/RE-2017-12-12-00091.doc   (160,768 bytes)
  • attachments/RE-2017-12-12-00166.doc   (160,768 bytes)
  • attachments/RE-2017-12-12-00268.doc   (160,768 bytes)
  • attachments/RE-2017-12-12-00630.doc   (160,768 bytes)
  • attachments/inv-IZR4327938.doc   (171,008 bytes)
  • attachments/inv-JDS3250467.doc   (171,008 bytes)
  • attachments/inv-MTY0724350.doc   (171,008 bytes)
  • attachments/inv-NZW0207188.doc   (171,008 bytes)
  • emails/2017-12-07-Necurs-Botnet-malspam-0959-UTC.eml   (3,753 bytes)
  • emails/2017-12-07-Necurs-Botnet-malspam-1005-UTC.eml   (3,739 bytes)
  • emails/2017-12-07-Necurs-Botnet-malspam-1018-UTC.eml   (3,766 bytes)
  • emails/2017-12-07-Necurs-Botnet-malspam-1019-UTC.eml   (3,738 bytes)
  • emails/2017-12-08-Necurs-Botnet-malspam-1410-UTC.eml   (243,963 bytes)
  • emails/2017-12-08-Necurs-Botnet-malspam-1458-UTC.eml   (243,952 bytes)
  • emails/2017-12-08-Necurs-Botnet-malspam-1538-UTC.eml   (243,952 bytes)
  • emails/2017-12-08-Necurs-Botnet-malspam-1611-UTC.eml   (243,963 bytes)
  • emails/2017-12-11-Necurs-Botnet-malspam-1346-UTC.eml   (231,988 bytes)
  • emails/2017-12-11-Necurs-Botnet-malspam-1400-UTC.eml   (231,999 bytes)
  • emails/2017-12-11-Necurs-Botnet-malspam-1417-UTC.eml   (231,977 bytes)
  • emails/2017-12-11-Necurs-Botnet-malspam-1429-UTC.eml   (231,990 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-0632-UTC.eml   (217,484 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-0655-UTC.eml   (217,529 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-0709-UTC.eml   (217,545 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-0737-UTC.eml   (217,536 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-1111-UTC.eml   (222,303 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-1113-UTC.eml   (222,299 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-1116-UTC.eml   (222,345 bytes)
  • emails/2017-12-12-Necurs-Botnet-malspam-1229-UTC.eml   (219,276 bytes)
  • extracted-files/Invoice INV0000138.vbs   (4,702 bytes)
  • extracted-files/Invoice INV0000383.vbs   (4,667 bytes)
  • extracted-files/Invoice INV0000398.vbs   (4,623 bytes)
  • extracted-files/Invoice INV0000699.vbs   (4,635 bytes)
  • 2017-12-07-Necurs-Botnet-malspam-pushes-Trickbot.pcap   (1395916 bytes)
  • 2017-12-08-Necurs-Botnet-malspam-pushes-Trickbot.pcap   (1365419 bytes)
  • 2017-12-11-Necurs-Botnet-malspam-pushes-Trickbot.pcap   (340354 bytes)
  • 2017-12-12-Necurs-Botnet-malspam-pushes-Trickbot.pcap   (2034523 bytes)
  • 2017-12-13-Necurs-Botnet-malspam-pushes-GlobeImposter-ransomware.pcap   (171402 bytes)

 

Click here to return to the main page.