ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Cherry Picker

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Cherry Picker

NamesCherry Picker
Cherry Picker POS
CherryPicker POS
cherrypickerpos
cherrypicker
cherry_picker
CategoryMalware
TypePOS malware, Credential stealer
Description(Trustwave) For the last five years Trustwave has been monitoring a threat across a number of forensic cases that we have dubbed 'Cherry Picker'. This targeted Point of Sale (PoS) memory scraper has enjoyed a very low detection rate in the wild for quite some time. Cherry Picker uses a new memory scraping algorithm, a file infector for persistence, and cleaner malware that removes all traces of the infection from target systems. This sophisticated functionality and highly targeted victims have helped the malware remain under the radar of many AV and security companies. This post will expose the functionality of Cherry Picker and hopefully help organizations provide protection from this threat.
Information<https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/shining-the-spotlight-on-cherry-picker-pos-malware/>
<https://www.trustwave.com/Resources/SpiderLabs-Blog/New-Memory-Scraping-Technique-in-Cherry-Picker-PoS-Malware/>
MITRE ATT&CK<https://attack.mitre.org/software/S0107/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.cherry_picker>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:cherry%20picker>

Last change to this tool card: 30 December 2022

Download this tool card in JSON format

Previous: CheeseTray
Next: ChewBacca

All groups using tool Cherry Picker

ChangedNameCountryObserved

Unknown groups

X_[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]