Tool: TerraPreter| Names | TerraPreter | |
| Category | Malware | |
| Type | Loader | |
| Description | (ESET) Evilnum group also uses 64-bit executables that decrypt and run a Meterpreter instance in memory. The use of Meterpreter gives them flexibility and the ability to run various payloads in a stealthy and extensible way. The structure of these components and the integrity checks implemented were identified as TerraLoader (More_eggs) code. That’s why we refer to these components as TerraPreter. | |
| Information | <https://www.welivesecurity.com/2020/07/09/more-evil-deep-look-evilnum-toolset/> | |
Last change to this tool card: 10 July 2020
Download this tool card in JSON format
Previous: TerraCrypt
Next: TerraRecon
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Evilnum | [Unknown] | 2018-Aug 2020 | |||
Other groups | |||||
| Venom Spider, Golden Chickens |  | 2017-Feb 2019 | |||
2 groups listed (1 APT, 1 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |