OilBooster (Deprecated) (01f8ef57-5c22-4dad-9300-12c0b0d63c1f)
We are no longer maintaining this object in favor of a similar object subsequently published by MITRE: "OilBooster" (Software). All relevant Tidal content extensions (e.g. additional Technique and Object relationships and metadata) have been added to the MITRE-authored object.
This is one of a series of malicious downloaders attributed to Iran-linked espionage actor OilRig, which were found to rely on legitimate cloud service providers for command and control purposes.[ESET OilRig December 14 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| OilRig (d01abdb1-0378-4654-aa38-1a4a292703e2) | Tidal Groups | OilBooster (Deprecated) (01f8ef57-5c22-4dad-9300-12c0b0d63c1f) | Tidal Software | 1 |