The Mantis cyber-espionage group, also known as Desert Falcon, targeted entities within the Palestinian territories with custom backdoors.
The Micropsia backdoor was used to run secondary payloads, including a reverse proxy and a data exfiltration tool.
Arid Gopher was also dropped by Micropsia and included a legitimate 7-Zip executable, a tool to set persistence, and a copy of the legitimate Shortcut.exe utility.