Advisory
HC3 Analyst Note TLP White: Maldocs used to Deliver Information Stealer
September 8, 2020
In August 2020, security researchers identified a malicious email campaign impersonating a US hospital that was observed delivering a variety of information stealing trojans, including AgentTesla, Formbook, Matiex, and njRatAzorult. A recent uptick in detections submitted to VirusTotal suggests the actor may be ramping up their operations and the specific malicious documents (maldocs). creation technique detailed in this report is likely to be observed more in the wild. Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) are included in the report.
Key Resources
Related Resources
AHA Center for Health Innovation Market Scan