🇨🇳
Aurora Panda
APT Group
Information theft and espionage
ETDA ✓
Also Known As 12 names
APT17
Axiom
BRONZE KEYSTONE
Dogfish
G0001
G0025
Group 72
Group 8
HELIUM
Heart Typhoon
Hidden Lynx
Tailgater Team
Target Countries 14
Australia
Canada
China
Germany
France
Hong Kong
India
Italy
Japan
Republic of Korea
Singapore
Taiwan, Province of China
Ukraine
United States
Sectors Targeted
Engineering
Manufacturing
Healthcare
Data Processing, Hosting, and Related Services (51821)
Pharmaceutical
Computer Systems Design Services (541512)
Construction
Retail
Industrial
IT
Education
Financial
Defense
Performing Arts, Spectator Sports, and Related Industries (711)
Hospitals (622)
Food and Agriculture
Non-profit organizations
Promoters of Performing Arts, Sports, and Similar Events (7113)
Computer Systems Design and Related Services (54151)
Software Publishers (51121)
Lawyers
Aerospace
Media
Government
Details
Origin
🇨🇳 CN
Last Updated
01 Jun 2022
Malware Families 6
aurora
sorgu
unidentified_075
zwShell
NewCore
darkstrat
MITRE ATT&CK 61
T1001 - Data Obfuscation
T1001.002
T1003
T1003.001
T1005
T1014
T1021
T1021.001
T1027
T1027.002
T1027.013
T1036 - Masquerading
T1038 - DLL Search Order Hijacking
T1053 - Scheduled Task/Job
T1053.001 - At (Linux)
T1053.002 - At (Windows)
T1053.003 - Cron
T1053.006 - Systemd Timers
T1053.007 - Container Orchestration Job
T1055 - Process Injection
T1055.001 - Dynamic-link Library Injection
T1055.002 - Portable Executable Injection
T1055.003 - Thread Execution Hijacking
T1055.004 - Asynchronous Procedure Call
T1055.008 - Ptrace System Calls
T1057
T1059.001
T1070
T1071.001
T1078
T1078.001
T1102
T1105 - Ingress Tool Transfer
T1110
T1189
T1190
T1203
T1204
T1204.001
T1204.002
T1331
T1341
T1342
T1546
T1546.008
T1547 - Boot or Logon Autostart Execution
T1550
T1553
T1560
T1563
T1563.002
T1566 - Phishing
T1566.001
T1566.002
T1583
T1583.002
T1583.003
T1583.006
T1584
T1584.005
T1585