FlawedAmmyy (308dbe77-3d58-40bb-b0a5-cd00f152dc60)

FlawedAmmyy is a remote access tool (RAT) that was first seen in early 2016. The code for FlawedAmmyy was based on leaked source code for a version of Ammyy Admin, a remote access software.^{[Proofpoint TA505 Mar 2018]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
TA505 (b3220638-6682-4a4e-ab64-e7dc4202a3f1)	Tidal Groups	FlawedAmmyy (308dbe77-3d58-40bb-b0a5-cd00f152dc60)	Tidal Software	1
FIN6 (fcaadc12-7c17-4946-a9dc-976ed610854c)	Tidal Groups	FlawedAmmyy (308dbe77-3d58-40bb-b0a5-cd00f152dc60)	Tidal Software	1