WellMess (20725ec7-ee35-44cf-bed6-91158aa03ce4)
WellMess is lightweight malware family with variants written in .NET and Golang that has been in use since at least 2018 by APT29.[CISA WellMess July 2020][PWC WellMess July 2020][NCSC APT29 July 2020]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) | Tidal Groups | WellMess (20725ec7-ee35-44cf-bed6-91158aa03ce4) | Tidal Software | 1 |