NirSoft (efa5fff4-f6db-4719-91c7-97dbe93099a8)
NirSoft is a self-described "freeware" utility that can be used to recover passwords.[NirSoft Website] According to U.S. cybersecurity authorities, ransomware actors such as those associated with the Royal ransomware operation have used the NirSoft utility to harvest passwords for malicious purposes.[#StopRansomware: Royal Ransomware | CISA]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
NirSoft (efa5fff4-f6db-4719-91c7-97dbe93099a8) | Tidal Software | Phobos Ransomware Actors (f138c814-48c0-4638-a4d6-edc48e7ac23a) | Tidal Groups | 1 |