References Malware

Gootkit

More Reading:

  • Bye Empire, Hello Nebula Exploit Kit. - 2017-03-02 - MDNC - Kafeine Empire Nebula GamiNook Pitou Gootkit CVE-2014-6332 CVE-2015-7645 CVE-2016-4117
  • EITest: Sinkholing the oldest infection chain - 2018-04-12 - Proofpoint - Kafeine EITest Glazunov Angler Gootkit Cerber CryptXXX Smokebot
  • sLoad and Ramnit pairing in sustained campaigns against UK and Italy - 2018-10-23 - Proofpoint - Proofpoint Staff TA554 sLoad Ramnit PsiXBot Gootkit Snatch
  • BrushaLoader still sweeping up victims one year later - 2019-07-22 - Proofpoint - Kafeine - Proofpoint Staff BrushaLoader Danabot Gootkit TA544