2025-03-05 (Wednesday): #Astaroth ( #Guildma ) distributed through Brazil #malspam
As usual, I didn't get a full infection chain, but I did get the initial zip archive from that link in the email.
Details at https://github.com/malware-traffic/indicators/blob/main/2025-03-05-Astaroth-Guildma-activity-from-Brazil-malspam.txt
