ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool PowerPepper

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: PowerPepper

NamesPowerPepper
CategoryMalware
TypeBackdoor
Description(Kaspersky) PowerPepper is a Windows in-memory PowerShell backdoor that can execute remotely sent shell commands. In strict accordance with DeathStalker’s traditions, the implant will try to evade detection or sandboxes execution with various tricks such as detecting mouse movements, filtering the client’s MAC addresses, and adapting its execution flow depending on detected antivirus products.
Information<https://securelist.com/what-did-deathstalker-hide-between-two-ferns/99616/>

Last change to this tool card: 06 January 2021

Download this tool card in JSON format

Previous: Powermud
Next: POWERPIPE

All groups using tool PowerPepper

ChangedNameCountryObserved

Other groups

 Deceptikons, DeathStalker[Unknown]2012-May 2020 

1 group listed (0 APT, 1 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key