S1059Windows

S1059metaMain

Platforms
1
ATT&CK
14.1
References
3

Description

[metaMain](https://attack.mitre.org/software/S1059) is a backdoor used by [Metador](https://attack.mitre.org/groups/G1013) to maintain long-term access to compromised machines; it has also been used to decrypt [Mafalda](https://attack.mitre.org/software/S1060) into memory.(Citation: SentinelLabs Metador Sept 2022)(Citation: SentinelLabs Metador Technical Appendix Sept 2022)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S1059
  2. https://assets.sentinelone.com/sentinellabs22/metador#page=1
  3. https://docs.google.com/document/d/1e9ZTW9b71YwFWS_18ZwDAxa-cYbV8q1wUefmKZLYVsA/edit#heading=h.lmnbtht1ikzm

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Mafalda
Software
MacMa
Software
Metamorfo
Software
MechaFlounder
Software
GoldMax
Software
Bumblebee
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.