Threat Group Cards: A Threat Actor Encyclopedia

Tool: IXESHE

Names: IXESHE
Category: Malware
Type: Reconnaissance, Backdoor, Info stealer, Exfiltration
Description: (Trend Micro) The IXESHE malware binary allowed the attackers to easily take over and maintain complete control of victims’ systems to do the following:
• List all services, processes, and drives
• Terminate processes and services
• Download and upload files
• Start processes and services
• Get victims’ user names
• Get a machine’s name and domain name
• Download and execute arbitrary files
• Cause a system to pause or sleep for a specified number of minutes
• Spawn a remote shell
• List all current files and directories
Information: <https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp_ixeshe.pdf>
MITRE ATT&CK: <https://attack.mitre.org/software/S0015/>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:IXESHE>

Last change to this tool card: 22 April 2020

All groups using tool IXESHE

APT groups

Name: APT 12, Numbered Panda
Country: China
Observed: 2009-Nov 2016

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
