In addition to its longstanding password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm— or APT 33—has developed custom malware dubbed “Tickler.”
https://www.wired.com/story/iran-peach-sandworm-tickler-backdoor/
https://www.wired.com/story/iran-peach-sandworm-tickler-backdoor/