Zebrocy (e317b8a6-1722-4017-be33-717a5a93ef1c)
Zebrocy is a Trojan that has been used by APT28 since at least November 2015. The malware comes in several programming language variants, including C++, Delphi, AutoIt, C#, VB.NET, and Golang. [Palo Alto Sofacy 06-2018][Unit42 Cannon Nov 2018][Unit42 Sofacy Dec 2018][CISA Zebrocy Oct 2020]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Zebrocy (e317b8a6-1722-4017-be33-717a5a93ef1c) | Tidal Software | APT28 (5b1a5b9e-4722-41fc-a15d-196a549e3ac5) | Tidal Groups | 1 |