ADVSTORESHELL (ef7f4f5f-6f30-4059-87d1-cd8375bf1bee)
ADVSTORESHELL is a spying backdoor that has been used by APT28 from at least 2012 to 2016. It is generally used for long-term espionage and is deployed on targets deemed interesting after a reconnaissance phase. [Kaspersky Sofacy] [ESET Sednit Part 2]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| ADVSTORESHELL (ef7f4f5f-6f30-4059-87d1-cd8375bf1bee) | Tidal Software | APT28 (5b1a5b9e-4722-41fc-a15d-196a549e3ac5) | Tidal Groups | 1 |