RGDoor (d5649d69-52d4-4198-9683-b250348dea32)
RGDoor is a malicious Internet Information Services (IIS) backdoor developed in the C++ language. RGDoor has been seen deployed on webservers belonging to the Middle East government organizations. RGDoor provides backdoor access to compromised IIS servers. [Unit 42 RGDoor Jan 2018]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| RGDoor (d5649d69-52d4-4198-9683-b250348dea32) | Tidal Software | OilRig (d01abdb1-0378-4654-aa38-1a4a292703e2) | Tidal Groups | 1 |