2020-09-30 - EMOTET INFECTION WITH TRICKBOT

ASSOCIATED FILES:

  • 2020-09-30-Emotet-with-Trickbot-IOCs.txt   (4,535 bytes)
  • 2020-09-30-Emotet-infection-with-Trickbot.pcap   (4,831,528 bytes)
  • 2020-09-30-Emotet-EXE.bin   (286,720 bytes)
  • 2020-09-30-Registry-Update-for-Emotet.txt   (614 bytes)
  • 2020-09-30-Trickbot-EXE.bin   (516,096 bytes)
  • 2020-09-30-Word-doc-with-macro-for-Emotet.bin   (148,920 bytes)
  • 2020-09-30-scheduled-task-for-Trickbot.txt   (3,504 bytes)

NOTES:

 

IMAGES


Shown above:  Traffic from an infection filtered in Wireshark.

 


Shown above:  Emotet EXE on the infected host.

 


Shown above:  Trickbot EXE on the infected host.

 
