EDRSandBlast (fbd2d7b0-0aa8-459f-8bfa-16daae769282)

An open-source, multi-purpose tool with defense evasion, credential dumping, and privilege escalation capabilities, observed in use during ransomware intrusions.^{[GitHub wavestone-cdt EDRSandBlast]}^{[Morphisec September 3 2024]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Cicada3301 Ransomware Group (7a28cff6-80df-49e1-8457-a0305e736897)	Tidal Groups	EDRSandBlast (fbd2d7b0-0aa8-459f-8bfa-16daae769282)	Tidal Software	1