Sibot (ea0a1282-f2bf-4ae0-a19c-d7e379c2309b)
Sibot is dual-purpose malware written in VBScript, designed both to achieve persistence on a compromised system and to download and execute additional payloads. Microsoft discovered three Sibot variants in early 2021 during its investigation of APT29 and the SolarWinds Compromise. [MSTIC NOBELIUM Mar 2021]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) | Tidal Groups | Sibot (ea0a1282-f2bf-4ae0-a19c-d7e379c2309b) | Tidal Software | 1 |