Ixeshe
[Ixeshe] is a malware family that has been used since at least 2009 against targets in East Asia. (Citation: Moran 2013)
Micropsia
[Micropsia] is a remote access tool written in Delphi.(Citation: Talos Micropsia June 2017)(Citation: Radware Micropsia July 2018)
RARSTONE
[RARSTONE] is malware used by the [Naikon](https://attack.mitre.org/groups/G0019) group that has some characteristics similar to [PlugX](https://attack.mitre.org/software/S0013). (Citation: Aquino RARSTONE)
VBShower
[VBShower] is a backdoor that has been used by [Inception](https://attack.mitre.org/groups/G0100) since at least 2019. [VBShower] has been used as a downloader for second stage payloads, including [PowerShower](https://attack.mitre.org/software/S0441).(Citation: Kaspersky Cloud Atlas August 2019)
Catchamas
[Catchamas] is a Windows Trojan that steals information from compromised systems. (Citation: Symantec Catchamas April 2018)
StoneDrill
[StoneDrill] is wiper malware discovered in destructive campaigns against both Middle Eastern and European targets in association with [APT33](https://attack.mitre.org/groups/G0064).(Citation: FireEye APT33 Sept 2017)(Citation: Kaspersky StoneDrill 2017)
OopsIE
[OopsIE] is a Trojan used by [OilRig](https://attack.mitre.org/groups/G0049) to remotely execute commands as well as upload/download files to/from victims. (Citation: Unit 42 OopsIE! Feb 2018)
4H RAT
[4H RAT] is malware that has been used by [Putter Panda](https://attack.mitre.org/groups/G0024) since at least 2007. (Citation: CrowdStrike Putter Panda)
RogueRobin
[RogueRobin] is a payload used by [DarkHydrus](https://attack.mitre.org/groups/G0079) that has been developed in PowerShell and C#. (Citation: Unit 42 DarkHydrus July 2018)(Citation: Unit42 DarkHydrus Jan 2019)
Attor
[Attor] is a Windows-based espionage platform that has been seen in use since 2013. [Attor] has a loadable plugin architecture to customize functionality for specific targets.(Citation: ESET Attor Oct 2019)