BlackMould (da348a51-d047-4144-9ba4-34d2ce964a11)
BlackMould is a web shell based on China Chopper for servers running Microsoft IIS. First reported in December 2019, it has been used in malicious campaigns by GALLIUM against telecommunication providers. [Microsoft GALLIUM December 2019]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
GALLIUM (15ff1ce0-44f0-4f1d-a4ef-83444570e572) | Tidal Groups | BlackMould (da348a51-d047-4144-9ba4-34d2ce964a11) | Tidal Software | 1 |