RotaJakiro (169bfcf6-544c-5824-a7cd-2d5070304b57)
RotaJakiro is a 64-bit Linux backdoor used by APT32. First seen in 2018, it uses a plugin architecture to extend capabilities. RotaJakiro can determine it's permission level and execute according to access type (root or user).[RotaJakiro 2021 netlab360 analysis][netlab360 rotajakiro vs oceanlotus]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| RotaJakiro (169bfcf6-544c-5824-a7cd-2d5070304b57) | Tidal Software | APT32 (c0fe9859-e8de-4ce1-bc3c-b489e914a145) | Tidal Groups | 1 |