TSCookie (9872ab5a-c76e-4404-91f9-5b745722443b)
TSCookie is a remote access tool (RAT) that has been used by BlackTech in campaigns against Japanese targets.[JPCert TSCookie March 2018][JPCert BlackTech Malware September 2019]. TSCookie has been referred to as PLEAD though more recent reporting indicates a separation between the two.[JPCert PLEAD Downloader June 2018][JPCert BlackTech Malware September 2019]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| TSCookie (9872ab5a-c76e-4404-91f9-5b745722443b) | Tidal Software | BlackTech (528ab2ea-b8f1-44d8-8831-2a89fefd97cb) | Tidal Groups | 1 |