S0393Windows

S0393PowerStallion

Platforms
1
ATT&CK
14.1
References
2

Description

[PowerStallion](https://attack.mitre.org/software/S0393) is a lightweight [PowerShell](https://attack.mitre.org/techniques/T1059/001) backdoor used by [Turla](https://attack.mitre.org/groups/G0010), possibly as a recovery access tool to install other backdoors.(Citation: ESET Turla PowerShell May 2019)

Platforms· 1

Windows

Uses1

TypeTargetConfidenceTier
SubTechniquePowerShellt1059.001100%live

Attributed to1

TypeTargetConfidenceTier
GroupTurlag001095%live

References

  1. https://attack.mitre.org/software/S0393
  2. https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
POWERTON
Software
POWERSTATS
Software
PowerSploit
Software
POWERSOURCE
Software
LightNeuron
Software
PowerDuke
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.