2022-03-21 (MONDAY) - INFECTION FROM BRAZIL MALSPAM

ASSOCIATED FILES:

• 2022-03-21-Brazil-sourced-malspam-infection-IOCs.txt.zip   1,270 kB   (1,270 bytes)
• 2022-03-18-Brazil-malspam-1654-UTC.eml.zip   2,591 kB   (2,591 bytes)
• 2022-03-21-Brazil-sourced-malspam-infection.pcap.zip   14.3 MB   (14,298,316 bytes)
• 2022-03-21-malware-from-Brazil-sourced-malspam-infection.zip   40.2 MB   (40,165,013 bytes)

NOTES:

• All zip archives on this site are password-protected.  If you don't know the password, see the "about" page of this website.

 

IMAGES

Shown above:  Screenshot from the email.

 

Shown above:  Link from the email returned an MSI file.

 

Shown above:  Traffic from the infection filtered in Wireshark.

 

Shown above:  Malware/artifacts found after the initial infection.

 

Click here to return to the main page.