FALLCHILL (ea47f1fd-0171-4254-8c92-92b7a5eec5e1)
FALLCHILL is a RAT that has been used by Lazarus Group since at least 2016 to target the aerospace, telecommunications, and finance industries. It is usually dropped by other Lazarus Group malware or delivered when a victim unknowingly visits a compromised website. [US-CERT FALLCHILL Nov 2017]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
FALLCHILL (ea47f1fd-0171-4254-8c92-92b7a5eec5e1) | Tidal Software | Lazarus Group (0bc66e95-de93-4de7-b415-4041b7191f08) | Tidal Groups | 1 |