From dd01813e51b0b9b45b3d085939dcc1733eb7c745 Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Mon, 5 Feb 2024 09:20:10 -0800
Subject: [PATCH] [threat-actors] Add ShaggyPanther

---
 clusters/threat-actor.json | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 503f328..63b2352 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -14813,6 +14813,19 @@
       },
       "uuid": "2f854548-1af0-4f55-acab-4f85ce9f162c",
       "value": "Tomiris"
+    },
+    {
+      "description": "ShaggyPanther is a threat actor that primarily targets government entities in Taiwan and Malaysia. They have been active since 2008 and utilize hidden encrypted payloads in registry keys. Their activities have been detected in various locations, including Indonesia and Syria.",
+      "meta": {
+        "country": "CN",
+        "refs": [
+          "https://securelist.com/ksb-2019-review-of-the-year/95394/",
+          "https://securelist.com/apt-trends-report-q3-2019/94530/",
+          "https://securelist.com/apt-review-of-the-year/89117/"
+        ]
+      },
+      "uuid": "07791d89-64b6-46df-9f67-ccde8c2cbb20",
+      "value": "ShaggyPanther"
     }
   ],
   "version": 299