HyperBro

Description

(Kaspersky) The operators used the HyperBro Trojan as their last-stage in-memory remote administration tool (RAT). The timestamps for these modules are from December 2017 until January 2018. The anti-detection launcher and decompressor make extensive use of Metasploit’s shikata_ga_nai encoder as well as LZNT1 compression.

Names

Name
HyperBro

Category

Malware

Type

• Backdoor
• Info stealer
• Credential stealer
• Keylogger

Information

• https://securelist.com/luckymouse-hits-national-data-center/86083/

Mitre Attack

• https://attack.mitre.org/software/S0398/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.hyperbro

Alienvault Otx

• https://otx.alienvault.com/browse/pulses?q=tag:hyperbro

Other Information

Uuid

b4c5f160-6c46-4cd3-8abe-420b314ffe0e

Last Card Change

2021-11-01