Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:55:40 UTC
Home > List all groups > List all tools > List all groups using tool RGDoor
 Tool: RGDoor
Names RGDoor
Category Malware
Type Backdoor, Info stealer
Description
RGDoor is a malicious Internet Information Services (IIS) backdoor developed in the
C++ language. RGDoor has been seen deployed on webservers belonging to the Middle
East government organizations. RGDoor provides backdoor access to compromised IIS
servers.
Information
MITRE ATT&CK Malpedia Last change to this tool card: 14 May 2020
Download this tool card in JSON format
All groups using tool RGDoor
Changed Name Country Observed
APT groups
 OilRig, APT 34, Helix Kitten, Chrysene 2014-Sep 2024
1 group listed (1 APT, 0 other, 0 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=260ce10a-405e-4723-a836-5430dcf54336
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=260ce10a-405e-4723-a836-5430dcf54336
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=260ce10a-405e-4723-a836-5430dcf54336
Page 2 of 2

APT groups OilRig, APT 34, Helix Kitten, Chrysene 2014-Sep 2024 
1 group listed (1 APT, 0 other, 0 unknown) 
   Page 1 of 2