S0269Windows

S0269QUADAGENT

Platforms
1
ATT&CK
14.1
References
2

Description

[QUADAGENT](https://attack.mitre.org/software/S0269) is a PowerShell backdoor used by [OilRig](https://attack.mitre.org/groups/G0049). (Citation: Unit 42 QUADAGENT July 2018) Documented platforms: Windows. Attributed to ATT&CK group: OilRig. Catalogued in ATT&CK 14.1. 2 references curated. Documented platforms: Windows. Attributed to ATT&CK groups: OilRig, OilRig. Catalogued in ATT&CK 14.1. 2 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupOilRigg0049100%live

References

  1. https://attack.mitre.org/software/S0269
  2. https://researchcenter.paloaltonetworks.com/2018/07/unit42-oilrig-targets-technology-service-provider-government-agency-quadagent/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
POWERSTATS
Software
RDAT
Software
POWERTON
Software
ISMInjector
Software
BONDUPDATER
Software
PowerDuke
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.