kl.ps1

Description

(SecureWorks) kl.ps1 is a custom keylogger that is written in PowerShell and leverages elements of the Microsoft .NET Core framework. It captures the window title and keystrokes on infected systems and stores them as Base64-encoded data. It is deployed using a scheduled task and a VBScript file. Figure 2 shows the command line used to run the keylogger script.

Names

Name
kl.ps1

Type

Keylogger

Information

https://www.secureworks.com/blog/lyceum-takes-center-stage-in-middle-east-campaign

Other Information

Uuid

eddbc3bf-640d-4af8-bfd3-d4c446adc0e5

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

kl.ps1

kl.ps1

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks