BLACKCOFFEE (e85e2fca-9347-4448-bfc1-342f29d5d6a1)

BLACKCOFFEE is malware that has been used by several Chinese groups since at least 2013. ^{[FireEye APT17]} ^{[FireEye Periscope March 2018]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9)	Tidal Groups	BLACKCOFFEE (e85e2fca-9347-4448-bfc1-342f29d5d6a1)	Tidal Software	1
APT17 (5f083251-f5dc-459a-abfc-47a1aa7f5094)	Tidal Groups	BLACKCOFFEE (e85e2fca-9347-4448-bfc1-342f29d5d6a1)	Tidal Software	1
BLACKCOFFEE (e85e2fca-9347-4448-bfc1-342f29d5d6a1)	Tidal Software	Leviathan (eadd78e3-3b5d-430a-b994-4360b172c871)	Tidal Groups	1