PowerExchange

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[PowerExchange](https://attack.mitre.org/software/S1173) is a PowerShell backdoor that has been used by [OilRig](https://attack.mitre.org/groups/G0049) since at least 2023 including against government targets in the Middle East.(Citation: Symantec Crambus OCT 2023)

Tecniche Associate (5)

ID	ATT&CK	Tattiche
T1041	Exfiltration Over C2 Channel	-
T1059.001	PowerShell	-
T1071.003	Mail Protocols	-
T1105	Ingress Tool Transfer	-
T1140	Deobfuscate/Decode Files or Information	-

Usato da Attori (1)

OilRig
Nation-state

Metadata

ID:	113
Created:	13/01/2026 17:48
Updated:	07/03/2026 16:00