PLEAD (9a890a85-afbe-4c35-a3e7-1adad481bdf7)
PLEAD is a remote access tool (RAT) and downloader used by BlackTech in targeted attacks in East Asia, including Taiwan, Japan, and Hong Kong.[TrendMicro BlackTech June 2017][JPCert PLEAD Downloader June 2018] PLEAD has also been referred to as TSCookie, though more recent reporting indicates likely separation between the two. PLEAD was observed in use as early as March 2017.[JPCert TSCookie March 2018][JPCert PLEAD Downloader June 2018]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
PLEAD (9a890a85-afbe-4c35-a3e7-1adad481bdf7) | Tidal Software | BlackTech (528ab2ea-b8f1-44d8-8831-2a89fefd97cb) | Tidal Groups | 1 |