Difference between revisions of "Poison Ivy: assessing damage and extracting intelligence"
Jump to navigation
Jump to search
(Created page with "{{Publication |Botnet=Poison Ivy, |Year=2014 |Date=2014-08-30 |Editor=FireEye |Link=https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-i...") |
|||
| Line 5: | Line 5: | ||
|Editor=FireEye | |Editor=FireEye | ||
|Link=https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf | |Link=https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf | ||
|Author=FireEye, | |||
|Type=Tech report | |Type=Tech report | ||
|Abstract=Poison Ivy is a remote access tool that is freely available for download from its official web site at www.poisonivy-rat.com. First released in 2005, the tool has gone unchanged since 2008 with version 2.3.2. Poison Ivy includes features common to most Windows-based RATs, including key logging, screen capturing, video capturing, file transfers, system administration, password theft, and traffic relaying. | |Abstract=Poison Ivy is a remote access tool that is freely available for download from its official web site at www.poisonivy-rat.com. First released in 2005, the tool has gone unchanged since 2008 with version 2.3.2. Poison Ivy includes features common to most Windows-based RATs, including key logging, screen capturing, video capturing, file transfers, system administration, password theft, and traffic relaying. | ||
}} | }} | ||
Latest revision as of 17:26, 12 August 2015
(Publication) Google search: [1]
| Poison Ivy: assessing damage and extracting intelligence | |
|---|---|
| Botnet | Poison Ivy |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2014 / 2014-08-30 |
| Editor/Conference | FireEye |
| Link | https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf (Archive copy) |
| Author | FireEye |
| Type | Tech report |
Abstract
“ Poison Ivy is a remote access tool that is freely available for download from its official web site at www.poisonivy-rat.com. First released in 2005, the tool has gone unchanged since 2008 with version 2.3.2. Poison Ivy includes features common to most Windows-based RATs, including key logging, screen capturing, video capturing, file transfers, system administration, password theft, and traffic relaying.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR4646,
editor = {FireEye},
author = {FireEye},
title = {Poison Ivy: assessing damage and extracting intelligence},
date = {30},
month = Aug,
year = {2014},
howpublished = {\url{https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf}},
}