Troll Stealer (9d4c38dc-6549-5bde-9ce4-a54ae8ca596e)
Troll Stealer is an information stealer written in Go associated with Kimsuky operations. Troll Stealer has typically been delivered through a dropper disguised as a legitimate security program installation file. Troll Stealer features code similar to AppleSeed, also uniquely associated with Kimsuky operations.[S2W Troll Stealer 2024][Symantec Troll Stealer 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Troll Stealer (9d4c38dc-6549-5bde-9ce4-a54ae8ca596e) | Tidal Software | Kimsuky (37f317d8-02f0-43d4-8a7d-7a65ce8aadf1) | Tidal Groups | 1 |