ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Cherry Picker

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Cherry Picker

NamesCherry Picker
Cherry Picker POS
cherry_picker
CategoryMalware
TypePOS malware, Credential stealer
Description(Trustwave) For the last five years Trustwave has been monitoring a threat across a number of forensic cases that we have dubbed 'Cherry Picker'. This targeted Point of Sale (PoS) memory scraper has enjoyed a very low detection rate in the wild for quite some time. Cherry Picker uses a new memory scraping algorithm, a file infector for persistence, and cleaner malware that removes all traces of the infection from target systems. This sophisticated functionality and highly targeted victims have helped the malware remain under the radar of many AV and security companies. This post will expose the functionality of Cherry Picker and hopefully help organizations provide protection from this threat.
Information<https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/shining-the-spotlight-on-cherry-picker-pos-malware/>
<https://www.trustwave.com/Resources/SpiderLabs-Blog/New-Memory-Scraping-Technique-in-Cherry-Picker-PoS-Malware/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.cherry_picker>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:cherry%20picker>

Last change to this tool card: 24 May 2020

Download this tool card in JSON format

Previous: CheeseTray
Next: ChewBacca

All groups using tool Cherry Picker

ChangedNameCountryObserved

Unknown groups

 _[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key