Malware-Traffic-Analysis.net - 2024-10-07: Data dump (Formbook, possible Astaroth/Guildma, Redline Stealer, unidentified malware)

2024-10-07 (MONDAY): DATA DUMP (FORMBOOK, POSSIBLE ASTAROTH/GUILDMA, REDLINE STEALER, UNIDENTIFIED MALWARE)

NOTES:

Zip files are password-protected. Of note, this site has a new password scheme. For the password, see the "about" page of this website.

ASSOCIATED FILES:

2024-10-07-data-dump.zip 16.5 MB (16,549,928 bytes)

Brazil_targeted_likely_Astaroth_Guildma/

Brazil_targeted_likely_Astaroth_Guildma/2024-10-06-Correios-malspam-1537-UTC.eml 26.8 kB (26,828 bytes)

Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-attempted-infection-run-from-Brazil-malspam-link.pcap 38.3 kB (38,730 bytes)

Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-IOCs-for-Brazil-targeted-malware-Likely-Astaroth-Guildma.txt 1.5 kB (1,471 bytes)

Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-part-1-zip-download.txt 8.1 kB (8,074 bytes)

Brazil_targeted_likely_Astaroth_Guildma/2024-10-07-part-2-running-shortcut.txt 1.2 kB (1,170 bytes)

Brazil_targeted_likely_Astaroth_Guildma/Sedex_2024.LnK 1.6 kB (1,603 bytes)

Brazil_targeted_likely_Astaroth_Guildma/Sedex_2024.zip 3.4 kB (3,380 bytes)

Formbook/

Formbook/2024-10-07-Formbook-infection-traffic.pcap 1.1 MB (1,097,714 bytes)

Formbook/2024-10-07-Formbook-malspam-0107-UTC.eml 1.1 MB (1,083,544 bytes)

Formbook/2024-10-07-IOCs-for-Formbook-activity.txt 2.4 kB (2,423 bytes)

Formbook/RFQ QUG24-20037005420051820.exe 1.1 MB (1,085,687 bytes)

Formbook/RFQ QUG24-20037005420051820.zip 778.5 kB (778,400 bytes)

RedLine_Stealer/

RedLine_Stealer/2024-10-07-IOCs-for-Redline-Stealer-activity.txt 2.0 kB (1,998 bytes)

RedLine_Stealer/2024-10-07-RedLine-Stealer-malspam-0025-UTC.eml 152.9 kB (152,890 bytes)

RedLine_Stealer/2024-10-07-RedLine-Stealer-malspam-0150-UTC.eml 1.6 MB (1,666,257 bytes)

RedLine_Stealer/2024-10-07-RedLine-Stealer-post-infection-traffic.pcap 573.7 kB (573,749 bytes)

RedLine_Stealer/DHL SHIPING DOC.exe 1.5 MB (1,525,773 bytes)

RedLine_Stealer/DHL SHIPING DOC.iso 1.6 MB (1,589,248 bytes)

RedLine_Stealer/PAYMENT.exe 1.5 MB (1,548,039 bytes)

RedLine_Stealer/PAYMENT.rar 1.2 MB (1,191,639 bytes)

Unidentified_malware/

Unidentified_malware/2024-10-07-IOCs-for-unidentified-malware.txt 1.3 kB (1,277 bytes)

Unidentified_malware/2024-10-07-malspam-for-unidentified-malware-1019-UTC.eml 2.5 MB (2,541,155 bytes)

Unidentified_malware/2024-10-07-registry-update-for-peristence-from-unidentified-malware.txt 0.3 kB (290 bytes)

Unidentified_malware/2024-10-07-unidentified-malware-post-infection-traffic.pcap 1.1 MB (1,054,274 bytes)

Unidentified_malware/Shipping Documents inv. 5234353.exe 2.8 MB (2,824,192 bytes)

Unidentified_malware/Shipping Documents inv. 5234353.zip 1.8 MB (1,846,381 bytes)

Click here to return to the main page.