Pisloader (14e65c5d-5164-41a3-92de-67fdd1d529d2)
Pisloader is a malware family notable for its use of DNS as a C2 protocol and for its anti-analysis tactics. It has been used by APT18 and is similar to HTTPBrowser, another malware family that the group has used. [Palo Alto DNS Requests]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
APT18 (a0c31021-b281-4c41-9855-436768299fe7) | Tidal Groups | Pisloader (14e65c5d-5164-41a3-92de-67fdd1d529d2) | Tidal Software | 1 |