Kerrdown (17c28e46-1005-4737-8567-d4ad9f1aefd1)
Kerrdown is a custom downloader that has been used by APT32 since at least 2018 to install spyware from a server on the victim's network.[Amnesty Intl. Ocean Lotus February 2021][Unit 42 KerrDown February 2019]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Kerrdown (17c28e46-1005-4737-8567-d4ad9f1aefd1) | Tidal Software | APT32 (c0fe9859-e8de-4ce1-bc3c-b489e914a145) | Tidal Groups | 1 |