2019-02-26 - QUICK POST: MALSPAM PUSHING GANDCRAB
- 2019-02-26-Gandcrab-malspam-tracker.csv.zip 1.6 kB (1,624 bytes)
- 2019-02-26-Gandcrab-infection-from-JS-from-malspam.pcap.zip 148 kB (147,717 bytes)
- 2019-02-26-emails-attachments-and-follow-up-malware-from-Gandcrab-malspam.zip 2.0 MB (1,976,328 bytes)
- Today I collected 24 examples of malspam using attached zip archives with .js files pushing Gandcrab ransomware version 5.2.
- These samples go back as early as Monday morning, 2019-02-25.
- Zip archives are password-protected with the standard password. If you don't know it, see the "about" page of this website.
Shown above: Traffic from an infection filtered in Wireshark.
Click here to return to the main page.