SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.perlbot (Back to overview)

PerlBot

aka: ShellBot, DDoS Perl IrcBot
URLhaus    

There is no description at this point.

References
2020-12-18Trend MicroDavid Fiser
@online{fiser:20201218:teamtnt:3d5abe1, author = {David Fiser}, title = {{TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger}}, date = {2020-12-18}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/l/teamtnt-now-deploying-ddos-capable-irc-bot-tntbotinger.html}, language = {English}, urldate = {2020-12-23} } TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger
PerlBot TNTbotinger TeamTNT
2020-12-10US-CERTUS-CERT, FBI, MS-ISAC
@online{uscert:20201210:alert:a5ec77e, author = {US-CERT and FBI and MS-ISAC}, title = {{Alert (AA20-345A): Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data}}, date = {2020-12-10}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/alerts/aa20-345a}, language = {English}, urldate = {2020-12-11} } Alert (AA20-345A): Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
PerlBot Shlayer Agent Tesla Cerber Dridex Ghost RAT Kovter Maze MedusaLocker Nanocore RAT Nefilim Ransomware REvil Ryuk Zeus
2020-09-22Twitter (@Nocturnus)Cybereason Nocturnus
@online{nocturnus:20200922:outlaw:e50621a, author = {Cybereason Nocturnus}, title = {{Tweet on Outlaw Group using IRCBot, SSH bruteforce tool, port Scanner, and an XMRIG crypto miner for their hacking operation}}, date = {2020-09-22}, organization = {Twitter (@Nocturnus)}, url = {https://twitter.com/Nocturnus/status/1308430959512092673}, language = {English}, urldate = {2020-09-25} } Tweet on Outlaw Group using IRCBot, SSH bruteforce tool, port Scanner, and an XMRIG crypto miner for their hacking operation
PerlBot
2020-05-18Palo Alto Networks Unit 42Asher Davila, Yang Ji
@online{davila:20200518:eleethub:d605473, author = {Asher Davila and Yang Ji}, title = {{Eleethub: A Cryptocurrency Mining Botnet with Rootkit for Self-Hiding}}, date = {2020-05-18}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/los-zetas-from-eleethub-botnet/}, language = {English}, urldate = {2020-05-20} } Eleethub: A Cryptocurrency Mining Botnet with Rootkit for Self-Hiding
PerlBot
2019-02-05JaskRod Soto, Darren Spruell, Kevin Stear
@techreport{soto:20190205:path:7de2c6b, author = {Rod Soto and Darren Spruell and Kevin Stear}, title = {{The Path of an Outlaw, a Shellbot Campaign}}, date = {2019-02-05}, institution = {Jask}, url = {https://jask.com/wp-content/uploads/2019/02/Shellbot-Campaign_v2.pdf}, language = {English}, urldate = {2019-12-10} } The Path of an Outlaw, a Shellbot Campaign
PerlBot
2018-11Trend MicroTrendmicro
@techreport{trendmicro:201811:perlbased:542ede8, author = {Trendmicro}, title = {{Perl-Based Shellbot Looks to Target Organizations via C&C}}, date = {2018-11}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/Perl-Based_Shellbot_Looks_to_Target_Organizations_via_C&C_appendix.pdf}, language = {English}, urldate = {2020-01-07} } Perl-Based Shellbot Looks to Target Organizations via C&C
Haiduc PerlBot

There is no Yara-Signature yet.