
| Names | PowHeartBeat |
| Category | Malware |
| Type | Backdoor |
| Description | (ESET) PowHeartBeat is a full-featured backdoor written in PowerShell, obfuscated using various techniques such as compression, encoding, and encryption. Based on ESET telemetry, we believe PowHeartBeat replaced CLRLoad in more recent Worok campaigns as the tool used to launch PNGLoad. |
| Information | <https://www.welivesecurity.com/2022/09/06/worok-big-picture/> |
Last change to this tool card: 13 September 2022
APT groups
| Changed | Name | Country | Observed |
| | Worok | | 2020 |
1 group listed (1 APT, 0 other, 0 unknown)