metaMain

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[metaMain](https://attack.mitre.org/software/S1059) is a backdoor used by [Metador](https://attack.mitre.org/groups/G1013) to maintain long-term access to compromised machines; it has also been used to decrypt [Mafalda](https://attack.mitre.org/software/S1060) into memory.(Citation: SentinelLabs Metador Sept 2022)(Citation: SentinelLabs Metador Technical Appendix Sept 2022)

Tecniche Associate (28)

ID	ATT&CK	Tattiche
T1005	Data from Local System	-
T1027.013	Encrypted/Encoded File	-
T1033	System Owner/User Discovery	-
T1041	Exfiltration Over C2 Channel	-
T1055	Process Injection	-
T1056	Input Capture	-
T1056.001	Keylogging	-
T1057	Process Discovery	-
T1070.004	File Deletion	-
T1070.006	Timestomp	-
T1071.001	Web Protocols	-
T1074.001	Local Data Staging	-
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1090.001	Internal Proxy	-

Usato da Attori (1)

Metador
Unknown

Metadata

ID:	607
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00