NICECURL (Deprecated) (9d3fd630-1ba8-4d14-907f-f3bdc5a13fa3)
We are no longer maintaining this object in favor of a similar object subsequently published by MITRE: "NICECURL" (Software). All relevant Tidal content extensions (e.g. additional Technique and Object relationships and metadata) have been added to the MITRE-authored object.
NICECURL is a custom backdoor developed and used by Iranian espionage group APT42. It is usually delivered via phishing attacks and serves as a post-compromise command execution and malware ingress capability.[Mandiant Uncharmed May 1 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| APT42 (Deprecated) (ce126445-6984-45bb-9737-35448f06f27b) | Tidal Groups | NICECURL (Deprecated) (9d3fd630-1ba8-4d14-907f-f3bdc5a13fa3) | Tidal Software | 1 |