xCaon (11a0dff4-1dc8-4553-8a38-90a07b01bfcd)
xCaon is an HTTP variant of the BoxCaon malware family that has used by IndigoZebra since at least 2014. xCaon has been used to target political entities in Central Asia, including Kyrgyzstan and Uzbekistan.[Checkpoint IndigoZebra July 2021][Securelist APT Trends Q2 2017]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| xCaon (11a0dff4-1dc8-4553-8a38-90a07b01bfcd) | Tidal Software | IndigoZebra (988f5312-834e-48ea-93b7-e6e01ee0938d) | Tidal Groups | 1 |