2024-10-07 (MONDAY): DATA DUMP (FORMBOOK, POSSIBLE ASTAROTH/GUILDMA, REDLINE STEALER, UNIDENTIFIED MALWARE)

NOTES:

ASSOCIATED FILES:

  • Brazil_targeted_likely_Astaroth_Guildma/
  • Brazil_targeted_likely_Astaroth_Guildma/2024-10-06-Correios-malspam-1537-UTC.eml   26.8 kB (26,828 bytes)
  • Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-attempted-infection-run-from-Brazil-malspam-link.pcap   38.3 kB (38,730 bytes)
  • Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-IOCs-for-Brazil-targeted-malware-Likely-Astaroth-Guildma.txt   1.5 kB (1,471 bytes)
  • Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-part-1-zip-download.txt   8.1 kB (8,074 bytes)
  • Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-part-2-running-shortcut.txt   1.2 kB (1,170 bytes)
  • Brazil_targeted_likely_Astaroth_Guildma/Sedex_2024.LnK   1.6 kB (1,603 bytes)
  • Brazil_targeted_likely_Astaroth_Guildma/Sedex_2024.zip   3.4 kB (3,380 bytes)
  • Formbook/
  • Formbook/2024-10-07-Formbook-infection-traffic.pcap   1.1 MB (1,097,714 bytes)
  • Formbook/2024-10-07-Formbook-malspam-0107-UTC.eml   1.1 MB (1,083,544 bytes)
  • Formbook/2024-10-07-IOCs-for-Formbook-activity.txt   2.4 kB (2,423 bytes)
  • Formbook/RFQ QUG24-20037005420051820.exe   1.1 MB (1,085,687 bytes)
  • Formbook/RFQ QUG24-20037005420051820.zip   778.5 kB (778,400 bytes)
  • RedLine_Stealer/
  • RedLine_Stealer/2024-10-07-IOCs-for-Redline-Stealer-activity.txt   2.0 kB (1,998 bytes)
  • RedLine_Stealer/2024-10-07-RedLine-Stealer-malspam-0025-UTC.eml   152.9 kB (152,890 bytes)
  • RedLine_Stealer/2024-10-07-RedLine-Stealer-malspam-0150-UTC.eml   1.6 MB (1,666,257 bytes)
  • RedLine_Stealer/2024-10-07-RedLine-Stealer-post-infection-traffic.pcap   573.7 kB (573,749 bytes)
  • RedLine_Stealer/DHL SHIPING DOC.exe   1.5 MB (1,525,773 bytes)
  • RedLine_Stealer/DHL SHIPING DOC.iso   1.6 MB (1,589,248 bytes)
  • RedLine_Stealer/PAYMENT.exe   1.5 MB (1,548,039 bytes)
  • RedLine_Stealer/PAYMENT.rar   1.2 MB (1,191,639 bytes)
  • Unidentified_malware/
  • Unidentified_malware/2024-10-07-IOCs-for-unidentified-malware.txt   1.3 kB (1,277 bytes)
  • Unidentified_malware/2024-10-07-malspam-for-unidentified-malware-1019-UTC.eml   2.5 MB (2,541,155 bytes)
  • Unidentified_malware/2024-10-07-registry-update-for-peristence-from-unidentified-malware.txt   0.3 kB (290 bytes)
  • Unidentified_malware/2024-10-07-unidentified-malware-post-infection-traffic.pcap   1.1 MB (1,054,274 bytes)
  • Unidentified_malware/Shipping Documents inv. 5234353.exe   2.8 MB (2,824,192 bytes)
  • Unidentified_malware/Shipping Documents inv. 5234353.zip   1.8 MB (1,846,381 bytes)

 
