Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)

Atera Agent is a legitimate remote administration tool (specifically a remote management and maintenance ("RMM") solution) that adversaries have used as a command and control tool for remote code execution, tool ingress, and persisting in victim environments.^{[U.S. CISA PaperCut May 2023]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Bl00dy Ransomware Gang (393da13e-016c-41a3-9d89-b33173adecbf)	Tidal Groups	Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	BlackCat Ransomware Actors & Affiliates (33159d02-a1ce-49ec-a381-60b069db66f7)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	MuddyWater (dcb260d8-9d53-404f-9ff5-dbee2c6effe6)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	BlackSuit Ransomware Actors (1d751794-ce94-4936-bf45-4ab86d0e3b6e)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	LockBit Ransomware Actors & Affiliates (d0f3353c-fbdd-4bd5-8793-a42e1f319b59)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	Royal Ransomware Actors (86b97a39-49c3-431e-bcc8-f4e13dbfcdf5)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	Volt Typhoon (4ea1245f-3f35-5168-bd10-1fc49142fd4e)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	Volt Typhoon - Tidal (3290dcb9-5781-4b87-8fa0-6ae820e152cd)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	Luna Moth (cca12ba9-f65f-4a29-87ab-a9fc0f99521f)	Tidal Groups	1
Atera Agent (f8113a9f-a706-46df-8370-a9cef1c75f30)	Tidal Software	BianLian Ransomware Group (a2add2a0-2b54-4623-a380-a9ad91f1f2dd)	Tidal Groups	1