PowerBrace

Description

(IBM) PowerBrace is a PowerShell backdoor that supports multiple commands such as command execution, uploading/downloading files, etc. Most of the function names and variable names in PowerBrace have been replaced with MD5 hashes to make the analysis more difficult. Furthermore, many commands are Base64 encoded. It generates a random string as a session key, which is used in communication.

Names

Name
PowerBrace

Category

Malware

Type

  • Backdoor
  • Exfiltration

Information

Malpedia

AlienVault OTX

Other Information

UUID

1530863f-0139-4bd1-af9f-fc77f2df36a2

Last Card Change

2021-04-24