Sardonic (9ab0d523-3496-5e64-9ca1-bb756f5e64e0)
Sardonic is a backdoor written in C and C++ that is known to be used by FIN8, as early as August 2021 to target a financial institution in the United States. Sardonic has a plugin system that can load specially made DLLs and execute their functions.[Bitdefender Sardonic Aug 2021][Symantec FIN8 Jul 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| FIN8 (b3061284-0335-4dcb-9f8e-a3b0412fd46f) | Tidal Groups | Sardonic (9ab0d523-3496-5e64-9ca1-bb756f5e64e0) | Tidal Software | 1 |