
WinRAR (d9792748-b81a-4d82-a45e-de05c2a23dbf)

According to its website, WinRAR is a "data compression, encryption and archiving tool for Windows", which is designed to process RAR and ZIP files.[WinRAR Website] It is known to be abused by threat actors in order to archive (compress) files prior to their exfiltration from victim environments.[U.S. CISA Play Ransomware December 2023]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Akira Ransomware Actors (0fcb2205-e75b-46c9-ac54-00f218d5e331) | Tidal Groups | WinRAR (d9792748-b81a-4d82-a45e-de05c2a23dbf) | Tidal Software | 1 |
| Play Ransomware Actors (6eb50f82-86cc-4eff-b1d1-66e1c6fd74f3) | Tidal Groups | WinRAR (d9792748-b81a-4d82-a45e-de05c2a23dbf) | Tidal Software | 1 |