OilCheck (Deprecated) (f41dcc5a-017d-4e79-86c1-c7055bd3b513)
We are no longer maintaining this object in favor of a similar object subsequently published by MITRE: "OilCheck" (Software). All relevant Tidal content extensions (e.g. additional Technique and Object relationships and metadata) have been added to the MITRE-authored object.
This is one of a series of malicious downloaders attributed to Iran-linked espionage actor OilRig, which were found to rely on legitimate cloud service providers for command and control purposes.[ESET OilRig December 14 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| OilCheck (Deprecated) (f41dcc5a-017d-4e79-86c1-c7055bd3b513) | Tidal Software | OilRig (d01abdb1-0378-4654-aa38-1a4a292703e2) | Tidal Groups | 1 |