Add Exaramel and P.A.S. webshell tool.

This commit is contained in:
Thomas Dupuy 2021-02-15 12:52:53 -05:00
parent 9f1fcbd1c5
commit 4a7560d191

View file

@ -8235,7 +8235,43 @@
"related": [], "related": [],
"uuid": "1974ea65-7312-4d91-a592-649983b46554", "uuid": "1974ea65-7312-4d91-a592-649983b46554",
"value": "Caterpillar WebShell" "value": "Caterpillar WebShell"
},
{
"description": "The P.A.S. webshell was developed by an ukrainian student, Jaroslav Volodimirovich Panchenko, who used the nick-name Profexer. It was developed in PHP and features a characteristic password-based encryption. This tool was available through a form on his website, where a user had to provide a password to receive a custom webshell. The form suggested a donation to the developer. It was commonly used, including during a WORDPRESS website attack.",
"meta": {
"refs": [
"https://us-cert.cisa.gov/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity",
"https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf"
],
"synonyms": [
"Fobushell"
],
"type": [
"webshell"
]
},
"related": [],
"uuid": "6baa1f46-daa9-4f40-952b-ec613c835abb",
"value": "P.A.S. webshell"
},
{
"description": "",
"meta": {
"refs": [
"https://www.welivesecurity.com/2018/10/11/new-telebots-backdoor-linking-industroyer-notpetya/",
"https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf"
],
"synonyms": [
""
],
"type": [
"backdoor"
]
},
"related": [],
"uuid": "95174297-6dff-47d9-bcb9-263f9b2efcfb",
"value": "Exaramel"
} }
], ],
"version": 141 "version": 142
} }