The author describes Octopus as an "open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S."
It is different from the malware win.octopus written in Delphi and attributed to DustSquad by Kaspersky Labs.
|2022-05-09 ⋅ InfoSec Handlers Diary Blog ⋅ |
Octopus Backdoor is Back with a New Embedded Obfuscated Bat File
|2021-02-24 ⋅ Malwarebytes ⋅ |
LazyScripter: From Empire to double RAT
|2021-01-07 ⋅ Recorded Future ⋅ |
Aversary Infrastructure Report 2020: A Defender's View
Octopus pupy Cobalt Strike Empire Downloader Meterpreter PoshC2
|2020-12-24 ⋅ InfoSec Handlers Diary Blog ⋅ |
Malicious Word Document Delivering an Octopus Backdoor
|2019-08-30 ⋅ Github (mhaskar) ⋅ |
Github Repository of Octopus
There is no Yara-Signature yet.