NICECURL (9d3fd630-1ba8-4d14-907f-f3bdc5a13fa3)
NICECURL is a custom backdoor developed and used by Iranian espionage group APT42. It is usually delivered via phishing attacks and serves as a post-compromise command execution and malware ingress capability.[Mandiant Uncharmed May 1 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| NICECURL (9d3fd630-1ba8-4d14-907f-f3bdc5a13fa3) | Tidal Software | APT42 (ce126445-6984-45bb-9737-35448f06f27b) | Tidal Groups | 1 |