Envoy Panda

China

Details

ENVOY PANDA is a China-nexus targeted intrusion adversary active since 2011. The adversary consistently targets Africa- and Middle East-based government entities—particularly in the diplomatic space—and leverages malware families such as Turian, PlugX, GoClient, and Smanager in cyberespionage operations.    ENVOY PANDA’s operational security posture has improved over time; the adversary now levera...

Community Identifiers

YXmRAUOjzkwK2I3

Objective

  • 5fu1BNz4GDeXc69Mwjhg0CA

Motivation

  • 1sGrQ2jlXvxntFy

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo