S0270Windows

S0270RogueRobin

Platforms
1
ATT&CK
14.1
References
3

Description

[RogueRobin](https://attack.mitre.org/software/S0270) is a payload used by [DarkHydrus](https://attack.mitre.org/groups/G0079) that has been developed in PowerShell and C#. (Citation: Unit 42 DarkHydrus July 2018)(Citation: Unit42 DarkHydrus Jan 2019) Documented platforms: Windows. Attributed to ATT&CK group: DarkHydrus. Catalogued in ATT&CK 14.1. 3 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupDarkHydrusg0079100%live

References

  1. https://attack.mitre.org/software/S0270
  2. https://researchcenter.paloaltonetworks.com/2018/07/unit42-new-threat-actor-group-darkhydrus-targets-middle-east-government/
  3. https://unit42.paloaltonetworks.com/darkhydrus-delivers-new-trojan-that-can-use-google-drive-for-c2-communications/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
QUADAGENT
Software
Revenge RAT
Software
Darkmoon
Software
Drovorub
Software
RobbinHood
Software
POWERTON
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.