DEADWOOD (787609d5-43b0-5c79-9b88-9788de1a5f6f)

DEADWOOD is wiper malware written in C++ using Boost libraries. DEADWOOD was first observed in an unattributed wiping event in Saudi Arabia in 2019, and has since been incorporated into Agrius operations.[SentinelOne Agrius 2021]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Agrius (36c70cf2-c7d5-5926-8155-5d3a63e3e55a) | Tidal Groups | DEADWOOD (787609d5-43b0-5c79-9b88-9788de1a5f6f) | Tidal Software | 1 |
| DEADWOOD (787609d5-43b0-5c79-9b88-9788de1a5f6f) | Tidal Software | APT33 (99bbbe25-45af-492f-a7ff-7cbc57828bac) | Tidal Groups | 1 |