S1047Windows

S1047Mori

Platforms
1
ATT&CK
14.1
References
3

Description

[Mori](https://attack.mitre.org/software/S1047) is a backdoor that has been used by [MuddyWater](https://attack.mitre.org/groups/G0069) since at least January 2022.(Citation: DHS CISA AA22-055A MuddyWater February 2022)(Citation: CYBERCOM Iranian Intel Cyber January 2022) Documented platforms: Windows. Attributed to ATT&CK group: MuddyWater. Catalogued in ATT&CK 14.1. 3 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupMuddyWaterg006995%live

References

  1. https://attack.mitre.org/software/S1047
  2. https://www.cybercom.mil/Media/News/Article/2897570/iranian-intel-cyber-suite-of-malware-uses-open-source-tools/
  3. https://www.cisa.gov/uscert/ncas/alerts/aa22-055a

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
STARWHALE
Software
StrifeWater
Software
Small Sieve
Software
Turian
Software
Mongall
Software
Heyoka Backdoor
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.