2024-03-13 (WEDNESDAY): GOOTLOADER INFECTION FROM FAKE FORUM POST

NOTES:

• Zip files are password-protected.  Of note, this site has a new password scheme.  For the password, see the "about" page of this website.

REFERENCES:

• https://www.linkedin.com/posts/unit42_gootloader-timelythreatintel-unit42threatintel-activity-7174049166199779328-iB3F
• https://twitter.com/Unit42_Intel/status/1768283551168946470

ASSOCIATED FILES:

• 2024-03-13-IOCs-from-GootLoader-infection.txt.zip   1.2 kB   (1,218 bytes)
• 2024-03-13-GootLoader-infection-traffic.pcap.zip   1.8 MB   (1,789,515 bytes)
• 2024-03-13-GootLoader-malware-and-artifacts.zip   1.8 MB   (1,762,770 bytes)

 

Click here to return to the main page.