S0012Windows

S0012PoisonIvy

Platforms
1
ATT&CK
14.1
References
6

Description

[PoisonIvy](https://attack.mitre.org/software/S0012) is a popular remote access tool (RAT) that has been used by many groups.(Citation: FireEye Poison Ivy)(Citation: Symantec Elderwood Sept 2012)(Citation: Symantec Darkmoon Aug 2005) Documented platforms: Windows. Catalogued in ATT&CK 14.1. 6 references curated.

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0012
  2. https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf
  3. https://www.symantec.com/security_response/writeup.jsp?docid=2005-081910-3934-99
  4. https://web.archive.org/web/20230115144216/http://www.novetta.com/wp-content/uploads/2014/11/Executive_Summary-Final_1.pdf
  5. https://web.archive.org/web/20190717233006/http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf
  6. https://www.symantec.com/connect/blogs/life-mars-how-attackers-took-advantage-hope-alien-existance-new-darkmoon-campaign

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Poison Ivy
Software
NETWIRE
Software
njRAT
Software
Revenge RAT
Software
PlugX
Software
4H RAT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.