Ruler (69563cbd-7dc1-4396-b576-d5886df11046)
Ruler is a tool to abuse Microsoft Exchange services. It is publicly available on GitHub and the tool is executed via the command line. The creators of Ruler have also released a defensive tool, NotRuler, to detect its usage.[SensePost Ruler GitHub][SensePost NotRuler]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Ruler (69563cbd-7dc1-4396-b576-d5886df11046) | Tidal Software | APT33 (99bbbe25-45af-492f-a7ff-7cbc57828bac) | Tidal Groups | 1 |