POWERTON (b3c28750-3825-4e4d-ab92-f39a6b0827dd)
POWERTON is a custom PowerShell backdoor first observed in 2018. It has typically been deployed as a late-stage backdoor by APT33. At least two variants of the backdoor have been identified, with the later version containing improved functionality. [FireEye APT33 Guardrail]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
POWERTON (b3c28750-3825-4e4d-ab92-f39a6b0827dd) | Tidal Software | APT33 (99bbbe25-45af-492f-a7ff-7cbc57828bac) | Tidal Groups | 1 |