🇨🇳
Hammer Panda
APT Group
Information theft and espionage
1 zero-day CVE
ETDA ✓
Also Known As 7 names
Mustang Panda
Temp.Zhenbao
Earth Preta
RedDelta
Zhenbao
APT21
Twill Typhoon
Target Countries 42
Countries highlighted in red
Afghanistan
Austria
Australia
Bangladesh
Belgium
Belarus
Canada
Chile
China
Germany
Spain
United Kingdom
Greece
Hong Kong
Indonesia
India
Islamic Republic of Iran
Jordan
Japan
Kyrgyzstan
Cambodia
Republic of Korea
Kazakhstan
Lithuania
Morocco
Mongolia
Malaysia
Nepal
Pakistan
Qatar
Russian Federation
Slovenia
Suriname
Syrian Arab Republic
Thailand
Tajikistan
Turkmenistan
Turkey
Province of China Taiwan
Ukraine
United States
Uzbekistan
Sectors Targeted
Scientific research centers and institutes and Tibetan/Uyghur activists
Oil and Gas Extraction
211
National Security and International Affairs
928
Military
Mining, Quarrying, and Oil and Gas Extraction
21
Defense
Government
Embassies
Public Administration
92
Oil and gas
Details
Origin
🇨🇳 CN
Last Updated
01 Jun 2022
MITRE ATT&CK 126
T1001
T1001.003
T1003
T1003.001
T1003.003
T1003.006
T1016
T1018
T1027 - Obfuscated Files or Information
T1027.007
T1027.012
T1027.013
T1027.016
T1036 - Masquerading
T1036.004
T1036.005
T1036.007
T1036.008
T1041
T1046
T1047
T1048
T1048.003
T1049
T1052
T1052.001
T1053
T1053.005
T1055 - Process Injection
T1056 - Input Capture
T1057
T1059
T1059.001
T1059.003
T1059.005
T1059.007
T1069
T1069.002
T1070
T1070.004
T1070.006
T1071
T1071.001
T1072
T1074
T1074.001
T1082
T1083
T1087
T1087.002
T1090
T1091
T1095
T1102
T1105 - Ingress Tool Transfer
T1106 - Native API
T1110 - Brute Force
T1119
T1129
T1134 - Access Token Manipulation
T1140 - Deobfuscate/Decode Files or Information
T1176 - Browser Extensions
T1176.002
T1189 - Drive-by Compromise
T1203
T1204 - User Execution
T1204.001
T1204.002
T1205
T1218
T1218.004
T1218.005
T1218.007
T1218.014
T1219
T1219.001
T1219.002
T1480
T1505
T1505.003
T1518
T1528 - Steal Application Access Token
T1546
T1546.003
T1547
T1547.001
T1553
T1553.002
T1557
T1560
T1560.001
T1560.003
T1564
T1564.001
T1566 - Phishing
T1566.001
T1566.002
T1567
T1567.002
T1572
T1573
T1573.001
T1574 - Hijack Execution Flow
T1574.001
T1574.005
T1583
T1583.001
T1583.006
T1585
T1585.002
T1586
T1586.002
T1587
T1587.001
T1588
T1588.002
T1588.003
T1588.004
T1593
T1598
T1598.003
T1608
T1608.001
T1622
T1654
T1678