Home > List all groups > List all tools > List all groups using tool VIRTUALPIE

Threat Group Cards: A Threat Actor Encyclopedia

Names	VIRTUALPIE
Category	Malware
Type	Backdoor
Description	(Mandiant) VIRTUALPIE is a lightweight backdoor written in Python that spawns a daemonized IPv6 listener on a hardcoded port on a VMware ESXi server. It supports arbitrary command line execution, file transfer capabilities, and reverse shell capabilities. Communications use a custom protocol and are encrypted using RC4.
Information	<https://cloud.google.com/blog/topics/threat-intelligence/esxi-hypervisors-malware-persistence>

Last change to this tool card: 26 August 2024

Download this tool card in JSON format

1 group listed (1 APT, 0 other, 0 unknown)

APT groups