2023-12-11 (MONDAY): INFECTION FROM BRAZIL PORTUGUESE MALSPAM (ASTAROTH/GUILDMA)

NOTICE:

• Of note, the zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

REFERENCE:

• https://www.linkedin.com/posts/unit42_malspam-guildma-astaroth-activity-7140451772770205696-t2d6/
• https://twitter.com/Unit42_Intel/status/1734686148289777666

ASSOCIATED FILES:

• 2023-12-11-IOCs-for-Astaroth-Guildma-activity.txt.zip   3.0 kB   (3,027 bytes)
• 2023-12-11-Brazil-malspam-122359-UTC.eml.zip   2.4 kB   (2,356 bytes)
• 2023-12-11-Astaroth-Guildma-infection-trafffic.pcap.zip   4.4 MB   (4,424,215 bytes)
• 2023-12-11-Astaroth-Guildma-malware-and-artifacts.zip   4.3 MB   (4,269,032 bytes)

 

Click here to return to the main page.