Astaroth

MITRE
Malware Type: Other
First seen: Unknown
Last seen: Unknown
Details:

[Astaroth](https://attack.mitre.org/software/S0373) is a Trojan and information stealer known to affect companies in Europe, Brazil, and throughout Latin America. It has been known publicly since at least late 2017. (Citation: Cybereason Astaroth Feb 2019)(Citation: Cofense Astaroth Sept 2018)(Citation: Securelist Brazilian Banking Malware July 2020)

Associated Techniques (36)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1016 | System Network Configuration Discovery | - |
| T1027.002 | Software Packing | - |
| T1027.010 | Command Obfuscation | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1041 | Exfiltration Over C2 Channel | - |
| T1047 | Windows Management Instrumentation | - |
| T1055.012 | Process Hollowing | - |
| T1056.001 | Keylogging | - |
| T1057 | Process Discovery | - |
| T1059.003 | Windows Command Shell | - |
| T1059.005 | Visual Basic | - |
| T1059.007 | JavaScript | - |
| T1074.001 | Local Data Staging | - |
| T1082 | System Information Discovery | - |
| T1102.001 | Dead Drop Resolver | - |
Aliases (105)
Guildma
Metadata
ID: 645
Created: 13/01/2026 17:48
Updated: 06/03/2026 16:00