BendyBear (a114a498-fcfd-4e0a-9d1e-e26750d71af8)
BendyBear is an x64 shellcode for a stage-zero implant designed to download malware from a C2 server. First discovered in August 2020, BendyBear shares a variety of features with Waterbear, malware previously attributed to the Chinese cyber espionage group BlackTech.[Unit42 BendyBear Feb 2021]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| BendyBear (a114a498-fcfd-4e0a-9d1e-e26750d71af8) | Tidal Software | BlackTech (528ab2ea-b8f1-44d8-8831-2a89fefd97cb) | Tidal Groups | 1 |