Backdoor.Oldrea (f7cc5974-767c-4cb4-acc7-36295a386ce5)

Backdoor.Oldrea is a modular backdoor used by Dragonfly against energy companies since at least 2013. Backdoor.Oldrea was distributed via supply chain compromise, and included specialized modules to enumerate and map ICS-specific systems, processes, and protocols.[Symantec Dragonfly][Gigamon Berserk Bear October 2021][Symantec Dragonfly Sept 2017]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Dragonfly (472080b0-e3d4-4546-9272-c4359fe856e1) | Tidal Groups | Backdoor.Oldrea (f7cc5974-767c-4cb4-acc7-36295a386ce5) | Tidal Software | 1 |