Names | PowerPepper
Category | Malware
Type | Backdoor
Description | (Kaspersky) PowerPepper is a Windows in-memory PowerShell backdoor that can execute remotely sent shell commands. In strict accordance with DeathStalker’s traditions, the implant will try to evade detection or sandboxes execution with various tricks such as detecting mouse movements, filtering the client’s MAC addresses, and adapting its execution flow depending on detected antivirus products.
Information | <https://securelist.com/what-did-deathstalker-hide-between-two-ferns/99616/>
Last change to this tool card: 06 January 2021
Changed | Name | Country | Observed
Other groups
 | Deceptikons, DeathStalker | [Unknown] | 2012-May 2020
1 group listed (0 APT, 1 other, 0 unknown)
Thailand Computer Emergency Response Team (ThaiCERT)