'Fully undetectable' Windows PowerShell backdoor detected
Tags
cmtmf-attack-pattern: Masquerading
country: China Jordan
maec-delivery-vectors: Watering Hole
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Scheduled Task - T1053.005 Software - T1592.002 Steganography - T1001.002 Steganography - T1406.001 Steganography - T1027.003 Tool - T1588.002 Masquerading - T1036 Powershell - T1086 Scheduled Task - T1053 Masquerading
Show in Graph
Common Information
Type Value
UUID a8860449-e32e-4956-ba66-15008b09a874
Fingerprint 14c62d72bf0445ca
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 18, 2022, 8:14 p.m.
Added to db Oct. 18, 2022, 11:07 p.m.
Last updated Nov. 12, 2024, 6:02 a.m.
Headline 'Fully undetectable' Windows backdoor gets detected
Title 'Fully undetectable' Windows PowerShell backdoor detected
Detected Hints/Tags/Attributes 38/4/3
Source URLs
Redirection Url
Details Source https://www.theregister.com/2022/10/18/fully_undetectable_windows_powershell_backdoor/
URL Provider
Details Provider Source level domain
Details theregister.com www.theregister.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 3 
updater.vbs
Details File 21 
script.ps1
Details File 7 
temp.ps1