POSHSPY (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-05 18:53:33 UTC
ps1.poshspy (Back to overview)
POSHSPY
Actor(s): APT 29
There is no description at this point.
References
2017-04-04 ⋅ GitHub (matthewdunwoody) ⋅ Matthew Dunwoody
POSHSPY backdoor code
POSHSPY
2017-04-03 ⋅ FireEye ⋅ Matthew Dunwoody
Dissecting One of APT29’s Fileless WMI and PowerShell Backdoors (POSHSPY)
POSHSPY APT29
There is no Yara-Signature yet.
Source: https://malpedia.caad.fkie.fraunhofer.de/details/ps1.poshspy
https://malpedia.caad.fkie.fraunhofer.de/details/ps1.poshspy
Page 1 of 1