CreepyDrive

Description

(ESET) CreepyDrive is a PowerShell backdoor that reads and executes commands from a text file stored on OneDrive or Dropbox. It can upload or download files from attacker-controlled accounts in these cloud services, and execute supplied PowerShell code.

Names

Name
CreepyDrive

Category

Malware

Type

• Backdoor
• Downloader
• Exfiltration

Information

• https://www.welivesecurity.com/2022/10/11/polonium-targets-israel-creepy-malware/

Mitre Attack

• https://attack.mitre.org/software/S1023/

Other Information

Uuid

475ac8b6-5cb0-4142-b15f-2e2b1d93380e

Last Card Change

2022-12-30