AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)

AdFind is a free command-line query tool that can be used for gathering information from Active Directory.^{[Red Canary Hospital Thwarted Ryuk October 2020]}^{[FireEye FIN6 Apr 2019]}^{[FireEye Ryuk and Trickbot January 2019]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
FIN6 (fcaadc12-7c17-4946-a9dc-976ed610854c)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
menuPass (fb93231d-2ae4-45da-9dea-4c372a11f322)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
TA505 (b3220638-6682-4a4e-ab64-e7dc4202a3f1)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	FIN7 (4348c510-50fc-4448-ab8d-c8cededd19ff)	Tidal Groups	1
Wizard Spider (0b431229-036f-4157-a1da-ff16dfc095f8)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
Akira Ransomware Actors (0fcb2205-e75b-46c9-ac54-00f218d5e331)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
LockBit Ransomware Actors & Affiliates (d0f3353c-fbdd-4bd5-8793-a42e1f319b59)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447)	Tidal Groups	1
Royal Ransomware Actors (86b97a39-49c3-431e-bcc8-f4e13dbfcdf5)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
Play Ransomware Actors (6eb50f82-86cc-4eff-b1d1-66e1c6fd74f3)	Tidal Groups	AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	1
AdFind (70559096-2a6b-4388-97e6-c2b16f3be78e)	Tidal Software	BlackCat Ransomware Actors & Affiliates (33159d02-a1ce-49ec-a381-60b069db66f7)	Tidal Groups	1