POWRUNER

Description

(FireEye) POWRUNER is a PowerShell script that sends and receives commands to and from the C2 server.

Names

Name
POWRUNER

Category

Malware

Type

• Backdoor

Information

• https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html
• https://www.boozallen.com/s/insight/blog/dark-labs-discovers-apt34-malware-variants.html

Mitre Attack

• https://attack.mitre.org/software/S0184/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/ps1.powruner

Alienvault Otx

• https://otx.alienvault.com/browse/pulses?q=tag:powruner

Other Information

Uuid

15f8edbf-1649-4f14-af27-8252da45f845

Last Card Change

2020-05-13