PowerStallion

Description

(ESET) PowerStallion is a lightweight PowerShell backdoor using Microsoft OneDrive, a storage service in the cloud, as C&C server. The credentials are hardcoded at the beginning of the script.

Names

Name
PowerStallion

Category

Malware

Type

• Backdoor

Information

• https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/

Mitre Attack

• https://attack.mitre.org/software/S0393/

Other Information

Uuid

8ee24910-db8b-454e-a322-aa5a37c51aa9

Last Card Change

2020-04-22