TEARDROP (bae20f59-469c-451c-b4ca-70a9a04a1574)
TEARDROP is a memory-only dropper that was discovered on some victim machines during investigations related to the SolarWinds Compromise. It was likely used by APT29 since at least May 2020.[FireEye SUNBURST Backdoor December 2020][Microsoft Deep Dive Solorigate January 2021]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| TEARDROP (bae20f59-469c-451c-b4ca-70a9a04a1574) | Tidal Software | APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) | Tidal Groups | 1 |