BABYMETAL (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.babymetal (Back to overview)

BABYMETAL

Actor(s): Anunak

BABYMETAL is a command line network tunnel utility based on the TinyMet Meterpreter tool, primarily used to execute Meterpreter reverse shell payloads.

References

2022-04-27 ⋅ ANSSI ⋅ ANSSI
LE GROUPE CYBERCRIMINEL FIN7
Bateleur BELLHOP Griffon SQLRat POWERSOURCE Andromeda BABYMETAL BlackCat BlackMatter BOOSTWRITE Carbanak Cobalt Strike DNSMessenger Dridex DRIFTPIN Gameover P2P MimiKatz Murofet Qadars Ranbyus SocksBot

2022-04-04 ⋅ Mandiant ⋅ Bryce Abdo, Zander Work, Ioana Teaca, Brendan McKeague
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7
Griffon BABYMETAL Carbanak Cobalt Strike JSSLoader Termite

2018-10-01 ⋅ FireEye ⋅ Regina Elwell, Katie Nickels
ATT&CKing FIN7
Bateleur BELLHOP Griffon ANTAK POWERPIPE POWERSOURCE HALFBAKED BABYMETAL Carbanak Cobalt Strike DNSMessenger DRIFTPIN PILLOWMINT SocksBot

2018-08-01 ⋅ FireEye ⋅ Nick Carr, Kimberly Goody, Steve Miller, Barry Vengerik
On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation
BELLHOP POWERPIPE BABYMETAL SocksBot FIN7

2016-01-12 ⋅ FireEye ⋅ John Miller, Barry Vengerik
The Magnificent FIN7: Revealing a Cybercriminal Threat Group
BABYMETAL

There is no Yara-Signature yet.