all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MetaStealer: String Decryption and DGA overview

Add to bookmarks
May 9, 2023, 9:45 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By: Jonathan McCay, Joshua Platt and Jason Reaves

Unit42[1] recently tweeted about a campaign starting with a malicious email link that downloads a OneNote file used to drop and execute MetaStealer. While investigating the MetaStealer sample[2], we noticed it attempts to connect to multiple domains that seemed to be randomly named. After landing on the C2 routine, instead of decrypting a static list of servers, the sample used a domain generation algorithm[3], (DGA) to derive the list. Predominantly used as …

article blog decryption dga global jason link may medium metastealer tech walmart

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Deepfakes and AI-Driven Disinformation Threaten Polls an hour ago | malware.news
access article campaigns deepfakes +13
Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ … an hour ago | malware.news
cybersecurity development hackers hello +16
Beyond the Evidence: Leveraging Decision Intelligence to Drive Better Outcomes in Digital Forensics an hour ago | malware.news
beyond communications crime decision +18
Graph: Growing number of threats leveraging Microsoft API 2 hours ago | malware.news
api article blogs cloud +12
The Future of Passwordless Authentication in Cybersecurity 2 hours ago | malware.news
actions authentication biometric clicking +15
Vulnerability in CraftBeerPi 4 software 2 hours ago | malware.news
article cert cert polska cve +9
Operation PANDORA shuts down 12 phone fraud call centres 4 hours ago | malware.news
bank call cash customer +16
Security Awareness Service Release on April 29, 2024 4 hours ago | malware.news
april article awareness delivery +12
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 5 hours ago | malware.news
android android apps application applications +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs