2021-04-12 (MONDAY) - GUILDMA (ASTAROTH) FROM BRAZIL-BASED MALSPAM

ASSOCIATED FILES:

• 2021-04-12-IOCs-from-Guildma-infection.txt.zip   4.0 kB   (3,950 bytes)
• 2021-04-12-Guilma-malspam-4-examples.zip   13.6 kB   (13,594 bytes)
• 2021-04-12-Guildma-infection-traffic.pcap.zip   8.5 MB   (8,544,600 bytes)
• 2021-04-12-malware-and-artifacts-from-Guildma-infection.zip   3.5 MB   (3,504,835 bytes)

NOTES:

• All zip archives on this site are password-protected.  If you don't know the password, see the "about" page of this website.

 

IMAGES

Shown above:  Screenshot of the malicious email.

 

Shown above:  Clicking the link offered a ZIP archive for download and redirected to Google.

 

Shown above:  Downloaded ZIP archive and extracted Windows shortcut.

 

Shown above:  Some of the malware/artifacts from today's Guildma infection.

 

Click here to return to the main page.