BianLian Ransomware (Encryptor) (252f56c2-4c85-4a19-8451-371cb04c6ceb)
This Software object represents the custom Go encryptor tool (encryptor.exe) used during intrusions conducted by the BianLian Ransomware Group.[U.S. CISA BianLian Ransomware May 2023]. The tool will skip encryption of files based on a hardcoded file extension exclusion list.[BianLian Ransomware Gang Gives It a Go! | [redacted]]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| BianLian Ransomware Group (a2add2a0-2b54-4623-a380-a9ad91f1f2dd) | Tidal Groups | BianLian Ransomware (Encryptor) (252f56c2-4c85-4a19-8451-371cb04c6ceb) | Tidal Software | 1 |