ODAgent (Deprecated) (0dd8fad0-9f4a-487d-b3f7-570bd2046e8a)
We are no longer maintaining this object in favor of a similar object subsequently published by MITRE: "ODAgent" (Software). All relevant Tidal content extensions (e.g. additional Technique and Object relationships and metadata) have been added to the MITRE-authored object.
This is one of a series of malicious downloaders attributed to Iran-linked espionage actor OilRig, which were found to rely on legitimate cloud service providers for command and control purposes.[ESET OilRig December 14 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| OilRig (d01abdb1-0378-4654-aa38-1a4a292703e2) | Tidal Groups | ODAgent (Deprecated) (0dd8fad0-9f4a-487d-b3f7-570bd2046e8a) | Tidal Software | 1 |