PoisonIvy2
PoisonIvy 2005 Chinese-origin APT tool. VBOX detection. Helpstore.exe. Used by APT1/APT10/Naikon. 2008 source is yours.
Threat Profile
Type: RAT
Programming Language: Delphi/C
C2 Protocol: TCP/Custom
First Seen: 2005
Targets
Government Targets
Purpose / Capabilities
- Remote Access+Espionage
No C2 servers have been identified for this family yet.
Research Reports (1)
PoisonIvy -- Helpstore.exe VBOX VirtualBox Detection, Anti-Debug IsDebuggerPresent | Medium
PoisonIvy 1.6MB Helpstore.exe. VBOX VirtualBox string detection. IsDebuggerPresent anti-debug. Chinese APT tool.