ps1.octopus

Octopus


The author describes Octopus as an "open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S."

It is different from the malware win.octopus written in Delphi and attributed to DustSquad by Kaspersky Labs.

References
2021-02-24, Malwarebytes, Hossein Jazi
LazyScripter: From Empire to double RAT
https://resources.malwarebytes.com/files/2021/02/LazyScripter.pdf (accessed 2021-02-25)
Families: Octopus, Koadic

2021-01-07, Recorded Future, Insikt Group®
Adversary Infrastructure Report 2020: A Defender's View
https://go.recordedfuture.com/hubfs/reports/cta-2021-0107.pdf (accessed 2021-01-11)
Families: Octopus, pupy, Cobalt Strike, Empire Downloader, Meterpreter, PoshC2

2020-12-24, InfoSec Handlers Diary Blog, Xavier Mertens
Malicious Word Document Delivering an Octopus Backdoor
https://isc.sans.edu/diary/26918 (accessed 2021-01-04)
Families: Octopus

2019-08-30, Github (mhaskar), Askar
Github Repository of Octopus
https://github.com/mhaskar/Octopus (accessed 2021-01-04)
Families: Octopus

There is no Yara-Signature yet.