
S0093 Backdoor.Oldrea


Description

[Backdoor.Oldrea](https://attack.mitre.org/software/S0093) is a modular backdoor that has been used by [Dragonfly](https://attack.mitre.org/groups/G0035) against energy companies since at least 2013. [Backdoor.Oldrea](https://attack.mitre.org/software/S0093) was distributed via supply chain compromise, and included specialized modules to enumerate and map ICS-specific systems, processes, and protocols. (Citation: Symantec Dragonfly) (Citation: Gigamon Berserk Bear October 2021) (Citation: Symantec Dragonfly Sept 2017)

Platforms

Windows

References

  1. https://attack.mitre.org/software/S0093
  2. https://vblocalhost.com/uploads/VB2021-Slowik.pdf
  3. https://docs.broadcom.com/doc/dragonfly_threat_against_western_energy_suppliers
  4. https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  1. RDAT (Software)
  2. Epic (Software)
  3. GreyEnergy (Software)
  4. Heyoka Backdoor (Software)
  5. PowerStallion (Software)
  6. Trojan.Karagany (Software)

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.