Emissary Panda

China

Details

EMISSARY PANDA is a China-nexus adversary active since at least 2013. This adversary historically leveraged strategic web compromises (SWCs), as well as spear phishing campaigns, to infect targets. EMISSARY PANDA has been known to use custom tools including Clambling, HyperBro, SysUpdate, and the more widely used remote access tool (RAT) PlugX, as well as a number of post-exploitation tools in ope...

Community Identifiers

cpNlYC7SuFJW6LQ

Objective

  • RfJ7we6xAXKg4bcFVNI9qLT
  • bfcYrFB7JkXnDC0wxhlgaTq2Z68K

Motivation

  • hMvkto1X68jlCn9

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.