Trojan.Mettle.B

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	14,560
Threat Level:	80 % (High)
Infected Computers:	94

First Seen:	September 15, 2023
Last Seen:	March 18, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Mettle.B
Signature status:	No Signature

Known Samples

MD5: 4cf9ff10d5bc4e27726d56c3e824acca

SHA1: 7db141b1d4070d7687681ed40de80d780c7e71fc

SHA256: 188C0526DF3CD6BC0705A78E78E97B219D77DD99268A1DE2FB019D7326E50693

File Size: 1.23 MB, 1226926 bytes

MD5: f4c4062692f0f268443bd08ffcb11cf0

SHA1: b3dd514b93b2c22aa53b0edc28771e66fc046ebe

SHA256: DF1E16A018913728F4800BB29099CC88A7AE1390BED4934EEA155E5701B7B1CB

File Size: 1.23 MB, 1226944 bytes

MD5: 37e615181c037222acb7b55f9d975172

SHA1: a4758c2b700faa70c0df247e421e95ff6dc86816

SHA256: 2F651F286C905E1D5320CDA83DDDD0042508A7DA004E41736D611DE9B459891A

File Size: 1.15 MB, 1149040 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have resources
File doesn't have security information
File has exports table
File has TLS information
File is 32-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is Native application (NOT .NET application)

File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

big overlay
No Version Info
VirtualQueryEx
x86

Block Information

Total Blocks:	2,873
Potentially Malicious Blocks:	1,169
Whitelisted Blocks:	1,701
Unknown Blocks:	3

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x 0 x 0 0 0 0 0 x x 0 0 0 0 0 0 x x x x x x x 0 x 0 x x 0 0 0 x 0 0 0 0 0 0 0 x x 0 x x x x 0 0 x x x x x x 0 x 0 x x x x x x x x x 0 0 0 x 0 0 x x x 0 0 x x x x x x x x x x x x x x x 0 x x 0 0 x 0 x x x x x x 0 x x 1 x x x x 0 0 x 0 0 x x 0 x x x x x x x 0 0 x x 0 0 0 0 0 x x x x x x x x x x x 0 0 x x x x 0 x x x 0 x 0 0 x x x 0 x x 0 1 x x x 0 0 x x 0 0 0 0 0 x x x x x x x x x x x x x 0 0 0 x 0 x 0 0 x x x x x 2 0 x 0 x x 0 x 0 x x x x x x x x x 0 x x x x x x 0 x x x 0 x 0 x x x x 0 0 x x x 0 x x x 0 x 0 0 0 0 x x x x x x 0 0 x x x x x x x x x 0 x x 0 0 x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x 0 x x x x x x x x 0 0 0 x x x 0 0 x x x x x x x x x x x x x 0 0 x 0 0 x x x x x 0 0 x x x x x x x x x x x 0 0 0 0 0 0 0 0 x x x 0 x x x x 0 0 x 0 0 x 0 x x x x x x x 0 x x 0 0 x 0 x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x 0 x x x x x 0 ? 0 x x x 0 x x x x ? x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x 0 x x 0 0 0 0 0 x 0 0 0 0 x x x x x x x 0 x x x 0 0 x 0 x x 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x x x x x 0 0 x 0 x 0 0 0 x x 0 x x 0 0 0 x 0 0 x 0 0 0 x 0 0 x 0 x 0 0 0 x x x x 0 x x 0 0 x x 0 0 x x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 x x x x x 0 x x x x x 0 0 x 0 0 0 x 0 0 0 0 0 x x x x x x 0 0 x x x 0 0 0 0 0 0 0 x 0 0 x x x x x 0 0 0 0 0 0 0 x 0 0 0 x x x 0 x 0 0 x 0 0 0 0 0 x x 0 x x 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x x x x 0 0 x 0 0 x 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x x 0 0 0 x x 0 0 x 0 x x 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x x x 0 0 x x x x x x x 0 x 0 0 0 x x x x 0 0 0 x x 0 0 x x x x 0 x x x x 0 x x x x 0 x 0 0 0 x 0 x x x x 0 x x 0 0 x x 0 0 x x 0 0 x x 0 x x x x x x 0 0 0 x x 0 x x 0 0 0 x 0 x 0 x x 0 x 0 0 0 x 0 0 0 0 x x 0 0 0 0 0 0 0 x x 0 x 0 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 0 x 0 0 0 0 x 0 x x x 0 0 0 0 0 0 x x 0 0 0 x 0 x x 0 0 x x 0 0 x x 0 0 0 0 x x 0 0 0 0 x x 0 0 0 0 0 0 0 0 x 0 x x x x 0 0 0 0 0 x 0 0 x 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 x 0 0 0 0 x 0 0 0 x x 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 x 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 x 0 x 0 0 0 x x x 0 x 0 x 0 0 x 0 x x 0 x x x 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 x x x x x x 0 0 0 x 0 0 x x 0 x x 0 0 x x 0 x x 0 0 x 0 0 0 x 0 x 0 x x 0 0 x 0 x 0 0 0 0 0 x x x 0 0 x x 0 x 0 0 0 x x 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 x x 0 0 x x 0 x x 0 x 0 x 0 x 0 0 0 0 0 x 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x 0 0 0 x x x 2 x x x x x x x x x x x x 0 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 x x 0 0 0 x x x 0 0 x 0 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x 0 x x 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x 0 x x x x x x x x x 0 0 x x x 1 x 0 0 0 0 x x x x 0 x x x x x x 0 0 x x x x 0 x x 0 x x x x x x x x 0 x x x x x x x x x x x x x x x x x 0 0 x x 0 x x x x x x x x 0 0 0 x x x x x 0 x x x x 0 x x x x x x x 0 0 x x x x x x x 0 x x 0 x x x x x 0 0 x x x x x x 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 x 0 x 2 x x 0 x x x x x x x x x 0 x x x x x x x x 0 x x x x x x x x x x x x x x x x x 0 0 0 0 x x x x x x x 0 x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x 0 x x 0 x x x x x x x x 0 x x x 0 x x x 0 x x x x x x x x 0 x x x 0 0 x 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Mettle.B

Files Modified

File	Attributes
c:\users\user\downloads\temp\shsandbox-win32.dll-5.21.4.9999-x86.dmp	Generic Read,Write Data,Write Attributes,Write extended,Append data

Windows API Usage

Category	API
Other Suspicious	AdjustTokenPrivileges
Network Winsock2	WSAStartup
Network Winsock	gethostbyaddr gethostbyname gethostname

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Mettle.B

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Windows API Usage

Windows API Usage

Submit Comment

Trending

PUP.Rostpay

Malicious Packagist PHP Packages

Hotel Room Upgrade Malicious Emails

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen