Sisfader (b533439d-b060-4c90-80e0-9dce67b0c6fb)
Sisfader maintains persistence installing itself as a system service, it is made up of multiple components ([1] Dropper - installing the malware, [2] Agent - main code of the RAT, [3] Config - written to the registry, [4] Auto Loader - responsible for extracting the Agent, the Config from the registry) and it has its own custom protocol for communication.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Sisfader (b533439d-b060-4c90-80e0-9dce67b0c6fb) | RAT | Sisfader (0fba78fc-47a1-45e1-b5df-71bcabd23b5d) | Malpedia | 1 |