Malware-Traffic-Analysis.net - 2019-02-26 - Quick post: malspam pushing Gandcrab ransomware

2019-02-26 - QUICK POST: MALSPAM PUSHING GANDCRAB RANSOMWARE

NOTICE:

The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.

NOTES:

Today I collected 24 examples of malspam using attached zip archives with .js files pushing Gandcrab ransomware version 5.2.
These samples go back as early as Monday morning, 2019-02-25.

ASSOCIATED FILES:

2019-02-26-Gandcrab-malspam-tracker.csv.zip 1.6 kB (1,624 bytes)
2019-02-26-Gandcrab-infection-from-JS-from-malspam.pcap.zip 148 kB (147,717 bytes)
2019-02-26-emails-attachments-and-follow-up-malware-from-Gandcrab-malspam.zip 2.0 MB (1,988,296 bytes)

Shown above: Traffic from an infection filtered in Wireshark.

Click here to return to the main page.