ShimRatReporter (77d9c948-93e3-4e12-9764-4da7570d9275)
ShimRatReporter is a tool used by suspected Chinese adversary Mofang to automatically conduct initial discovery. The details from this discovery are used to customize follow-on payloads (such as ShimRat) as well as set up faux infrastructure which mimics the adversary's targets. ShimRatReporter has been used in campaigns targeting multiple countries and sectors including government, military, critical infrastructure, automobile, and weapons development.[FOX-IT May 2016 Mofang]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Mofang (8bc69792-c26d-4493-87e3-d8e47605fed8) | Tidal Groups | ShimRatReporter (77d9c948-93e3-4e12-9764-4da7570d9275) | Tidal Software | 1 |