TEARDROP (bae20f59-469c-451c-b4ca-70a9a04a1574)
TEARDROP is a memory-only dropper that was discovered on some victim machines during investigations related to the SolarWinds Compromise. It was likely used by APT29 since at least May 2020.[FireEye SUNBURST Backdoor December 2020][Microsoft Deep Dive Solorigate January 2021]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) | Tidal Groups | TEARDROP (bae20f59-469c-451c-b4ca-70a9a04a1574) | Tidal Software | 1 |