Siesta DescriptionType: Possibly Unwanted Program
Siesta is a cyber espionage campaign which affects many organizations of multiple industries. The delivered malware threat is dubbed Siesta on account of periods of dormancy to access at regular intervals with email messages attacking executives of the company. The sender's email address is spoofed to occur as if it was sent by another employee of the company. The unsolicited emails did not encompass a malware infection, but they include links which direct to a download website. The website involving the malware threat is named [malicious domain]/ [organization name]/[legitimate archive name].zip. The archive encompasses an executable file which when first looked upon seems to be a safe PDF document but when run, a genuine PDF file which may have been taken from the attacked company's website and a harmful component is downloaded. The malware threat, known as Siesta, surreptitiously accesses the computer when the target PC user is looking at the PDF document and starts communicating with a command and control server from which it receives instructions like 'sleep' and 'download'. The sleep command instructs the malware infection to stay idle for given number of minutes before resuming its actions and the download command instructs the malware threat to drop and run an additional harmful component. In fact, the name Siesta campaign depends on the use of sleep command. 'Siesta' means 'nap' in Spanish.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.