DarkTortilla
MITRE
Tipo Malware:
Other
Other
Prima attivita:
Unknown
Unknown
Ultima attivita:
Unknown
Unknown
Dettagli:
[DarkTortilla](https://attack.mitre.org/software/S1066) is a highly configurable .NET-based crypter that has been possibly active since at least August 2015. [DarkTortilla](https://attack.mitre.org/software/S1066) has been used to deliver popular information stealers, RATs, and payloads such as [Agent Tesla](https://attack.mitre.org/software/S0331), AsyncRat, [NanoCore](https://attack.mitre.org/software/S0336), RedLine, [Cobalt Strike](https://attack.mitre.org/software/S0154), and Metasploit.(Citation: Secureworks DarkTortilla Aug 2022)
Tecniche Associate (28)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1007 | System Service Discovery | - |
| T1016.001 | Internet Connection Discovery | - |
| T1027 | Obfuscated Files or Information | - |
| T1036 | Masquerading | - |
| T1047 | Windows Management Instrumentation | - |
| T1055.001 | Dynamic-link Library Injection | - |
| T1056.001 | Keylogging | - |
| T1057 | Process Discovery | - |
| T1059.003 | Windows Command Shell | - |
| T1071.001 | Web Protocols | - |
| T1082 | System Information Discovery | - |
| T1102 | Web Service | - |
| T1105 | Ingress Tool Transfer | - |
| T1106 | Native API | - |
| T1112 | Modify Registry | - |
Metadata
| ID: | 281 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |