PUA - MegaTools Execution

Swachchhanda Shrawan Poudel (Nextron Systems)

Detects the execution of Potentially Unwanted Application (PUA) - MegaTools. MegaTools is a command-line interface for the Mega.nz cloud storage service, which allows users to upload and download files. Adversaries have been known to abuse MegaTools for data exfiltration by uploading or downloading files to/from Mega.nz. If you don't usually use MegaTools on your enterprise, this warrants further investigation as it could be a sign of data exfiltration.

2025-04-08 00:00:00

2025-05-08 00:00:00

3f7c997d-5a3f-4f56-8531-1275a0094846

attack.exfiltration attack.t1567

Nextron Sigma feed only (private)