RGDoor

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[RGDoor](https://attack.mitre.org/software/S0258) is a malicious Internet Information Services (IIS) backdoor developed in the C++ language. [RGDoor](https://attack.mitre.org/software/S0258) has been seen deployed on webservers belonging to the Middle East government organizations. [RGDoor](https://attack.mitre.org/software/S0258) provides backdoor access to compromised IIS servers. (Citation: Unit 42 RGDoor Jan 2018)

Tecniche Associate (7)

ID	ATT&CK	Tattiche
T1033	System Owner/User Discovery	-
T1059.003	Windows Command Shell	-
T1071.001	Web Protocols	-
T1105	Ingress Tool Transfer	-
T1140	Deobfuscate/Decode Files or Information	-
T1505.004	IIS Components	-
T1560.003	Archive via Custom Method	-

Usato da Attori (1)

OilRig
Nation-state

Metadata

ID:	523
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00