Verblecon (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

jar.verblecon (Back to overview)

Verblecon

This malware seems to be used for attacks installing cyptocurrency miners on infected machines. Other indicators leads to the assumption that attackers may also use this malware for other purposes (e.g. stealing access tokens for Discord chat app). Symantec describes this malware as complex and powerful: The malware is loaded as a server-side polymorphic JAR file.

References

2022-03-29 ⋅ Symantec ⋅ Threat Hunter Team
Verblecon: Sophisticated New Loader Used in Low-level Attacks
Verblecon

There is no Yara-Signature yet.

Verblecon Propose Change

References

Verblecon