TEARDROP (bae20f59-469c-451c-b4ca-70a9a04a1574)

TEARDROP is a memory-only dropper that was discovered on some victim machines during investigations related to the SolarWinds Compromise. It was likely used by APT29 since at least May 2020.[FireEye SUNBURST Backdoor December 2020][Microsoft Deep Dive Solorigate January 2021]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) | Tidal Groups | TEARDROP (bae20f59-469c-451c-b4ca-70a9a04a1574) | Tidal Software | 1 |