SYMBOLCOMMON_NAMEaka. SYNONYMS
win.vetta_loader (Back to overview)

Vetta Loader

aka: BrokerLoader, EMPTYSPACE

Vetta Loader is a persistent Loader spreading with infected USB drives. It downloads other components leveraging legit hosting services.
https://yoroi.company/wp-content/uploads/2023/12/202311-Vetta-Loader_Def-min.pdf

References
2024-07-11GoogleDianaE
Finding Malware: Detecting EMPTYSPACE with Google Security Operations
Vetta Loader
2024-01-30MandiantDiana Ion, Jae Young Kim, Muhammad Umair, Panagiotis Antoniou, Yash Gupta
Evolution of UNC4990: Uncovering USB Malware's Hidden Depths
QUIETBOARD Vetta Loader UNC4990
2023-12-06Carmelo Ragusa, Luigi Martire
Unveiling “Vetta Loader”: A custom loader hitting Italy and spread through infected USB Drives
Vetta Loader
2023-12-06FortgaleFortgale
Nebula Broker: offensive operations made in Italy
Vetta Loader

There is no Yara-Signature yet.