Hide Navigation Hide TOC

metaMain (0a9874bf-4f02-5fab-8ab6-d0f42c6bc71d)

metaMain is a backdoor used by Metador to maintain long-term access to compromised machines; it has also been used to decrypt Mafalda into memory.^{[SentinelLabs Metador Sept 2022][SentinelLabs Metador Technical Appendix Sept 2022]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
metaMain (0a9874bf-4f02-5fab-8ab6-d0f42c6bc71d)	Tidal Software	Metador (a3a3a1d3-7fe7-5578-8c5f-9c0f2f68079b)	Tidal Groups	1