PoisonIvy2

PoisonIvy: 2005 Chinese-origin APT tool. VBOX detection. Helpstore.exe. Used by APT1/APT10/Naikon. 2008 source is yours.

Threat Profile
Type: RAT
Programming Language: Delphi/C
C2 Protocol: TCP/Custom
First Seen: 2005
Targets: Government Targets
Purpose / Capabilities
  • Remote Access+Espionage
No C2 servers have been identified for this family yet.

Research Reports (1)

Medium

PoisonIvy -- Helpstore.exe VBOX VirtualBox Detection, Anti-Debug IsDebuggerPresent | Medium

PoisonIvy 1.6MB Helpstore.exe. VBOX VirtualBox string detection. IsDebuggerPresent anti-debug. Chinese APT tool.
