xHunt Campaign: Recently exposed backdoors using deleted email drafts

TriFive and Snugy are PowerShell scripts that provide backdoor access to the compromised Exchange server, using different command-and-control (C2) channels to communicate with the actors.