Difference between revisions of "Poison Ivy"

From Botnets.fr
m (Text replacement - "=Unknown" to "=")
 
Line 1: Line 1:
{{Botnet
{{Botnet
|Target=Microsoft Windows
|Target=Microsoft Windows
|UserAgent=Unknown
|UserAgent=
|CCProtocol=TCP/3360
|CCProtocol=TCP/3360
|Status=Unknown
|Status=
|BeginYear=Unknown
|BeginYear=
|EndYear=Unknown
|EndYear=
|Group=RAT, Spying,
|Group=RAT, Spying,
|Commercialisation=* Le RAT est disponible ici : http://www.poisonivy-rat.com/
|Commercialisation=* Le RAT est disponible ici : http://www.poisonivy-rat.com/
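Review bot: blanking `|UserAgent=`, `|Status=`, `|BeginYear=` and `|EndYear=` makes a value that was recorded as unknown indistinguishable from a field nobody has filled in yet. If the template treats the two the same, say so in the edit summary; otherwise keep an explicit marker for the researched-but-unknown case. Separately, `|Group=RAT, Spying,` still ends in a trailing comma with no third value after it, which this pass could have dropped.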

Latest revision as of 15:44, 8 August 2015


Poison Ivy
Alias:
Group: RAT, Spying
Parent:
Sibling:
Family:
Relations:
  Variants:
  Sibling of:
  Parent of:
  Distribution of:
  Campaigns: APT1
Target: Microsoft Windows
Origin:
Distribution vector:
UserAgent:
CCProtocol: TCP/3360 (Port)
Activity: /
Status:
Language:
Programming language:
Operation/Working group:

Introduction

Features

Associated images

Checksums / AV databases

Publications

| Title | Author | Editor | Year |
|---|---|---|---|
| APT1: technical backstage | Malware.lu, Paul Rascagnères | Malware.lu | 2013 |
| Department of Labor strategic web compromise | Matt Dahl | Crowdstrike | 2013 |
| Poison Ivy 2.3.0 Documentation | Shapeless | PoisonIvy | 2007 |
| Poison Ivy: assessing damage and extracting intelligence | FireEye | FireEye | 2014 |
| PoisonIvy adapts to communicate through authentication proxies | Shusei Tomonaga | JPCERT-CC | 2015 |