Qilin Ransomware (3b78dda9-d273-4ffc-9a9f-75e80178c7b2)
Qilin (also known as Agenda) is a ransomware discovered in 2022. Attacks by threat actors deploying Qilin increased considerably in Q1 2024, impacting organizations in a wide range of sectors and locations across the globe.[Trend Micro March 26 2024]
The ransomware's capabilities have evolved over time, and multiple Qilin/Agenda variants and versions have been observed. The techniques featured in this object mainly derive from a variant observed in February 2024 written in the Rust programming language. A variant focused on encrypting Linux-based virtual machine servers can be found in the separate "Qilin Ransomware (Linux)" Software object.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Qilin Ransomware (3b78dda9-d273-4ffc-9a9f-75e80178c7b2) | Tidal Software | Scattered Spider (3d77fb6c-cfb4-5563-b0be-7aa1ad535337) | Tidal Groups | 1 |