MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add AQUATIC PANDA threat actor.

Browse source
This commit is contained in:
Thomas Dupuy 2022-01-12 13:51:11 -05:00
parent afaf3a3110
commit c792bdd1b7
1 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
clusters/threat-actor.json
View file

@ -8898,7 +8898,18 @@
},
"uuid": "f6d02ac3-3447-4892-b844-1ef31839e04f",
"value": "SideCopy"
},
{
"description": "AQUATIC PANDA is a China-based targeted intrusion adversary with a dual mission of intelligence collection and industrial espionage. It has likely operated since at least May 2020. AQUATIC PANDA operations have primarily focused on entities in the telecommunications, technology and government sectors. AQUATIC PANDA relies heavily on Cobalt Strike, and its toolset includes the unique Cobalt Strike downloader tracked as FishMaster. AQUATIC PANDA has also been observed delivering njRAT payloads to targets.",
"meta": {
"country": "CN",
"refs": [
"https://www.crowdstrike.com/blog/overwatch-exposes-aquatic-panda-in-possession-of-log-4-shell-exploit-tools/"
]
},
"uuid": "676c1129-5664-4698-92ee-031f81baefce",
"value": "AQUATIC PANDA"
}
],
"version": 209
"version": 210
}