HC3 Analyst Note TLP White: Maldocs used to Deliver Information Stealer

September 8, 2020

In August 2020, security researchers identified a malicious email campaign impersonating a US hospital that was observed delivering a variety of information-stealing trojans, including AgentTesla, Formbook, Matiex, and njRatAzorult. A recent uptick in detections submitted to VirusTotal suggests the actor may be ramping up their operations, and the specific malicious document (maldoc) creation technique detailed in this report is likely to be observed more in the wild. Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) are included in the report.