Government of the Republic of Trinidad and Tobago

Securing the Nation's Digital Infrastructure

TTCSIRT-364.10.02.20: TT-CSIRT ADVISORY – Remote Access Trojan: SLOTHFULMEDIA

The malware variant, known as SlothfulMedia, has been used by a sophisticated cyber actor. CISA and CNMF are distributing this MAR to enable network defense and reduced exposure to malicious activity. This MAR includes suggested response actions and recommended mitigation techniques. The sample is a dropper, which deploys two files when executed. The first is …