SYMBOLCOMMON_NAMEaka. SYNONYMS
win.psix (Back to overview)

PsiX

aka: PsiXBot

According to Matthew Mesa, this is a modular bot. The name stems from the string PsiXMainModule in binaries until mid of September 2018.

In binaries, apart from BotModule and MainModule, references to the following Modules have be observed:
BrowserModule
BTCModule
ComplexModule
KeyLoggerModule
OutlookModule
ProcessModule
RansomwareModule
SkypeModule

References
2022-08-08Medium CSIS TechblogBenoît Ancel
An inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructure
Riltok magecart Anubis Azorult BetaBot Buer CoalaBot CryptBot DiamondFox DreamBot GCleaner ISFB Loki Password Stealer (PWS) MedusaLocker MeguminTrojan Nemty PsiX RedLine Stealer SmokeLoader STOP TinyNuke Vidar Zloader
2020-11-03ComodoComodo
Versions of PsiXBot
PsiX
2019-09-06ProofpointProofpoint Threat Insight Team
PsiXBot Now Using Google DNS over HTTPS and Possible New Sexploitation Module
PsiX
2019-09-05Twitter (@seckle_ch)Daniel Stirnimann
Tweet on DoH
PsiX
2019-08-12ProofpointProofpoint Threat Insight Team
PsiXBot Continues to Evolve with Updated DNS Infrastructure
PsiX
2019-03-27Fox-ITAntonio Parata, Stefano Antenucci
PsiXBot: The Evolution Of A Modular .NET Bot
PsiX
2018-08-30Twitter (@mesa_matt)Matthew Mesa
Tweet on PsiX
PsiX

There is no Yara-Signature yet.