SYMBOLCOMMON_NAMEaka. SYNONYMS
win.metaljack (Back to overview)

METALJACK

aka: denesRAT

Actor(s): APT32


There is no description at this point.

References
2021-02-28PWC UKPWC UK
@techreport{uk:20210228:cyber:bd780cd, author = {PWC UK}, title = {{Cyber Threats 2020: A Year in Retrospect}}, date = {2021-02-28}, institution = {PWC UK}, url = {https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf}, language = {English}, urldate = {2021-03-04} } Cyber Threats 2020: A Year in Retrospect
elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare
2020-11-10Recorded FutureInsikt Group®
@techreport{group:20201110:new:97e5657, author = {Insikt Group®}, title = {{New APT32 Malware Campaign Targets Cambodian Government}}, date = {2020-11-10}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2020-1110.pdf}, language = {English}, urldate = {2020-11-11} } New APT32 Malware Campaign Targets Cambodian Government
KerrDown METALJACK SOUNDBITE
2020-09-02Viettel Cybersecurityvuonglvm
@online{vuonglvm:20200902:apt32:34d9d9b, author = {vuonglvm}, title = {{APT32 deobfuscation arsenal: Deobfuscating một vài loại Obfucation Toolkit của APT32 (Phần 1)}}, date = {2020-09-02}, organization = {Viettel Cybersecurity}, url = {https://blog.viettelcybersecurity.com/apt32-deobfuscation-arsenal-deobfuscating-mot-vai-loai-obfucation-toolkit-cua-apt32-phan-1/}, language = {Vietnamese}, urldate = {2020-09-09} } APT32 deobfuscation arsenal: Deobfuscating một vài loại Obfucation Toolkit của APT32 (Phần 1)
METALJACK SOUNDBITE
2020-05-26Youtube (GRIMM Cyber)Konstantin Klinger
@online{klinger:20200526:passive:8d29e47, author = {Konstantin Klinger}, title = {{Passive DNS for Threat Detection & Hunting (Discussing some infrastructure related to APT32)}}, date = {2020-05-26}, organization = {Youtube (GRIMM Cyber)}, url = {https://www.youtube.com/watch?v=ftjDH65kw6E}, language = {English}, urldate = {2020-10-12} } Passive DNS for Threat Detection & Hunting (Discussing some infrastructure related to APT32)
METALJACK
2020-04-22FireEyeScott Henderson, Gabby Roncone, Sarah Jones, John Hultquist, Ben Read
@online{henderson:20200422:vietnamese:d9dc0db, author = {Scott Henderson and Gabby Roncone and Sarah Jones and John Hultquist and Ben Read}, title = {{Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage}}, date = {2020-04-22}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2020/04/apt32-targeting-chinese-government-in-covid-19-related-espionage.html}, language = {English}, urldate = {2020-04-26} } Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
METALJACK
2020-03-26TencentTencent
@online{tencent:20200326:summary:0e6ed2f, author = {Tencent}, title = {{Summary of recent APT attack activities using "New Crown Outbreak (COVID-19)" as bait}}, date = {2020-03-26}, organization = {Tencent}, url = {https://s.tencent.com/research/report/944.html}, language = {Chinese}, urldate = {2020-04-26} } Summary of recent APT attack activities using "New Crown Outbreak (COVID-19)" as bait
METALJACK
2020-03-26QianxinRed Raindrop Team
@online{team:20200326:covid19:43d6b99, author = {Red Raindrop Team}, title = {{COVID-19 | Analysis Report of Global Epidemic-Related Cyber ​​Attacks Covered by New Crown Virus}}, date = {2020-03-26}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/coronavirus-analysis-of-global-outbreak-related-cyber-attacks/}, language = {Chinese}, urldate = {2020-04-26} } COVID-19 | Analysis Report of Global Epidemic-Related Cyber ​​Attacks Covered by New Crown Virus
METALJACK
2020-03-05secrssunknown
@online{unknown:20200305:vietnam:b7c4ae2, author = {unknown}, title = {{Vietnam National Background APT organization "Sea Lotus" used the topic of the epidemic to attack our government agencies}}, date = {2020-03-05}, organization = {secrss}, url = {https://www.secrss.com/articles/17900}, language = {Chinese}, urldate = {2020-04-26} } Vietnam National Background APT organization "Sea Lotus" used the topic of the epidemic to attack our government agencies
METALJACK
2020-03-05Microstep Intelligence BureauMicrostep Intelligence Bureau
@online{bureau:20200305:vietnam:23ec4c0, author = {Microstep Intelligence Bureau}, title = {{Vietnam National Background APT organization "Sea Lotus" used the topic of the epidemic to attack our government agencies}}, date = {2020-03-05}, organization = {Microstep Intelligence Bureau}, url = {https://m.threatbook.cn/detail/2527}, language = {Chinese}, urldate = {2020-04-26} } Vietnam National Background APT organization "Sea Lotus" used the topic of the epidemic to attack our government agencies
METALJACK

There is no Yara-Signature yet.