VIRTUALPIE (VMware ESXi) (f835211e-1e40-4c56-be77-213db34045eb)
VIRTUALPIE (VMware ESXi) is a lightweight backdoor written in Python that spawns a daemonized IPv6 listener on a hardcoded port on a VMware ESXi server. It supports arbitrary command line execution, file transfer capabilities, and reverse shell capabilities. Communications use a custom protocol and are encrypted using RC4.[Google Cloud September 29 2022]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| UNC3886 (23af694a-11f4-43eb-a176-683059b301cb) | Tidal Groups | VIRTUALPIE (VMware ESXi) (f835211e-1e40-4c56-be77-213db34045eb) | Tidal Software | 1 |