PocoDown

Description

Uses POCO C++ cross-platform library, XOR-based string obfuscation, SSL library code and string overlap with X-Tunnel, infrastructure overlap with X-Agent, probably in use since mid-2018

Names

Name
PocoDown
Blitz
PocoDownloader

Type

Tunneling

Information

https://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html
https://threatvector.cylance.com/en_us/home/flirting-with-ida-and-apt28.html

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.pocodown

Other Information

Uuid

96d944a5-4d73-458e-b50e-7e25828061f5

Last Card Change

2022-12-29

Threat Intelligence Garden

Explorer

PocoDown

PocoDown

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks