S0594 Out1

Out1 is a remote access tool written in Python and used by MuddyWater since at least 2021. [1]

| Item | Value |
|---|---|
| ID | S0594 |
| Associated Names | |
| Version | 1.0 |
| Created | 19 March 2021 |
| Last Modified | 26 April 2021 |

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| enterprise | T1071 | Application Layer Protocol | - |
| enterprise | T1071.001 | Web Protocols | Out1 can use HTTP and HTTPS in communications with remote hosts. [1] |
| enterprise | T1059 | Command and Scripting Interpreter | - |
| enterprise | T1059.003 | Windows Command Shell | Out1 can use native command line for execution. [1] |
| enterprise | T1005 | Data from Local System | Out1 can copy files and Registry data from compromised hosts. [1] |
| enterprise | T1114 | Email Collection | - |
| enterprise | T1114.001 | Local Email Collection | Out1 can parse e-mails on a target machine. [1] |
| enterprise | T1027 | Obfuscated Files or Information | Out1 has the ability to encode data. [1] |

Groups That Use This Software

| ID | Name | References |
|---|---|---|
| G0069 | MuddyWater | [1] |