Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:43:09 UTC
Home > List all groups > List all tools > List all groups using tool METALJACK
 Tool: METALJACK
Names
METALJACK
denesRAT
Category Malware
Type Loader, Reconnaissance, Backdoor
Description
(FireEye) The malware also loads shellcode in an additional resource, which contains the
METALJACK payload. The shellcode performs a system survey to collect the victim's
computer name and username and then appends those values to a URL string using
libjs.inquirerjs[.]com. It then attempts to call out to the URL. If the callout is successful, the
malware loads the METALJACK payload into memory.
Information
Malpedia Last change to this tool card: 28 December 2022
Download this tool card in JSON format
All groups using tool METALJACK
Changed Name Country Observed
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9454a6a5-f24f-456a-970b-89182881719f
Page 1 of 2

APT groups
  APT 32, OceanLotus, SeaLotus 2013-Aug 2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9454a6a5-f24f-456a-970b-89182881719f
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9454a6a5-f24f-456a-970b-89182881719f
Page 2 of 2