Hide Navigation Hide TOC

AzCopy (aab3287b-932a-4208-af5e-d10abffb188b)

AzCopy is a command line tool that enables Azure storage data transfers. It facilitates file transfer activity for Azure Storage Explorer, another legitimate utility that has been abused by ransomware operations like the BianLian and Rhysida gangs.^{[modePUSH Azure Storage Explorer September 14 2024]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
BianLian Ransomware Group (a2add2a0-2b54-4623-a380-a9ad91f1f2dd)	Tidal Groups	AzCopy (aab3287b-932a-4208-af5e-d10abffb188b)	Tidal Software	1
Rhysida Ransomware Actors (0610cd57-2511-467a-97e3-3c810384074f)	Tidal Groups	AzCopy (aab3287b-932a-4208-af5e-d10abffb188b)	Tidal Software	1