SYMBOLCOMMON_NAMEaka. SYNONYMS
jar.verblecon (Back to overview)

Verblecon


This malware seems to be used for attacks installing cyptocurrency miners on infected machines. Other indicators leads to the assumption that attackers may also use this malware for other purposes (e.g. stealing access tokens for Discord chat app). Symantec describes this malware as complex and powerful: The malware is loaded as a server-side polymorphic JAR file.

References
2022-03-29SymantecThreat Hunter Team
@online{team:20220329:verblecon:0a3286b, author = {Threat Hunter Team}, title = {{Verblecon: Sophisticated New Loader Used in Low-level Attacks}}, date = {2022-03-29}, organization = {Symantec}, url = {https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/verblecon-sophisticated-malware-cryptocurrency-mining-discord}, language = {English}, urldate = {2022-03-30} } Verblecon: Sophisticated New Loader Used in Low-level Attacks
Verblecon

There is no Yara-Signature yet.