S1066Windows

S1066DarkTortilla

Platforms
1
ATT&CK
14.1
References
2

Description

[DarkTortilla](https://attack.mitre.org/software/S1066) is a highly configurable .NET-based crypter that has been possibly active since at least August 2015. [DarkTortilla](https://attack.mitre.org/software/S1066) has been used to deliver popular information stealers, RATs, and payloads such as [Agent Tesla](https://attack.mitre.org/software/S0331), AsyncRat, [NanoCore](https://attack.mitre.org/software/S0336), RedLine, [Cobalt Strike](https://attack.mitre.org/software/S0154), and Metasploit.(Citation: Secureworks DarkTortilla Aug 2022)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S1066
  2. https://www.secureworks.com/research/darktortilla-malware-analysis

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
QUIETCANARY
Software
Snip3
Software
NanoCore
Software
BlackCat
Software
Darkmoon
Software
ThreatNeedle
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.