Hide Navigation Hide TOC

Sardonic (9ab0d523-3496-5e64-9ca1-bb756f5e64e0)

Sardonic is a backdoor written in C and C++ that is known to be used by FIN8, as early as August 2021 to target a financial institution in the United States. Sardonic has a plugin system that can load specially made DLLs and execute their functions.^{[Bitdefender Sardonic Aug 2021][Symantec FIN8 Jul 2023]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Sardonic (9ab0d523-3496-5e64-9ca1-bb756f5e64e0)	Tidal Software	FIN7 (4348c510-50fc-4448-ab8d-c8cededd19ff)	Tidal Groups	1
Sardonic (9ab0d523-3496-5e64-9ca1-bb756f5e64e0)	Tidal Software	FIN8 (b3061284-0335-4dcb-9f8e-a3b0412fd46f)	Tidal Groups	1