win.astaroth

Astaroth

aka: Guildma

There is no description at this point.

References
2020-05-11 | Cisco Talos | Nick Biasini, Edmund Brumaghin, Nick Lister
@online{biasini:20200511:astaroth:f325070,
  author = {Nick Biasini and Edmund Brumaghin and Nick Lister},
  title = {{Astaroth - Maze of obfuscation and evasion reveals dark stealer}},
  date = {2020-05-11},
  organization = {Cisco Talos},
  url = {https://blog.talosintelligence.com/2020/05/astaroth-analysis.html},
  language = {English},
  urldate = {2020-05-11}
}
Astaroth - Maze of obfuscation and evasion reveals dark stealer
Astaroth
2020-03-23 | Microsoft | Microsoft Defender ATP Research Team
@online{team:20200323:latest:c58e3ed,
  author = {Microsoft Defender ATP Research Team},
  title = {{Latest Astaroth living-off-the-land attacks are even more invisible but not less observable}},
  date = {2020-03-23},
  organization = {Microsoft},
  url = {https://www.microsoft.com/security/blog/2020/03/23/latest-astaroth-living-off-the-land-attacks-are-even-more-invisible-but-not-less-observable/},
  language = {English},
  urldate = {2020-03-26}
}
Latest Astaroth living-off-the-land attacks are even more invisible but not less observable
Astaroth
2020-03-05 | ESET Research | ESET Research
@online{research:20200305:guildma:a339bd6,
  author = {ESET Research},
  title = {{Guildma: The Devil drives electric}},
  date = {2020-03-05},
  organization = {ESET Research},
  url = {https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/},
  language = {English},
  urldate = {2020-03-09}
}
Guildma: The Devil drives electric
Astaroth
2019-12-06 | Botconf | Juraj Horňák, Jakub Souček
@techreport{hork:20191206:demystifying:1285ddd,
  author = {Juraj Horňák and Jakub Souček},
  title = {{Demystifying banking trojans from Latin America}},
  date = {2019-12-06},
  institution = {Botconf},
  url = {https://www.botconf.eu/wp-content/uploads/2019/12/B2019-Soucek-Hornak-DemystifyingBankingTrojansFromLatinAmerica.pdf},
  language = {English},
  urldate = {2020-05-05}
}
Demystifying banking trojans from Latin America
Astaroth Metamorfo
2019-07-08 | Microsoft | Microsoft Defender ATP Research Team
@online{team:20190708:dismantling:7570b60,
  author = {Microsoft Defender ATP Research Team},
  title = {{Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack}},
  date = {2019-07-08},
  organization = {Microsoft},
  url = {https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack/},
  language = {English},
  urldate = {2019-12-02}
}
Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack
Astaroth
2019-04-25 | AppGate | Edgar Felipe Duarte Porras
@online{porras:20190425:meet:75dbab7,
  author = {Edgar Felipe Duarte Porras},
  title = {{Meet Lucifer: A New International Trojan}},
  date = {2019-04-25},
  organization = {AppGate},
  url = {https://blog.easysol.net/meet-lucifer-international-trojan/},
  language = {English},
  urldate = {2020-01-07}
}
Meet Lucifer: A New International Trojan
Astaroth
2019-02-13 | Cybereason | Eli Salem
@online{salem:20190213:astaroth:ed892f0,
  author = {Eli Salem},
  title = {{Astaroth Malware Uses Legitimate OS and Antivirus Processes to Steal Passwords and Personal Data}},
  date = {2019-02-13},
  organization = {Cybereason},
  url = {https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research},
  language = {English},
  urldate = {2020-01-09}
}
Astaroth Malware Uses Legitimate OS and Antivirus Processes to Steal Passwords and Personal Data
Astaroth

There is no Yara-Signature yet.