Envoy Panda

China

Details

ENVOY PANDA is a China-nexus targeted intrusion adversary active since 2011. The adversary consistently targets Africa- and Middle East-based government entities—particularly in the diplomatic space—and leverages malware families such as Turian, PlugX, and Smanager in cyberespionage operations.    ENVOY PANDA’s operational security posture has improved over time; the adversary now leverages obfusc...

Community Identifiers

DuzYpF1KJtoZkBv

Objective

  • ZTc9opJkOX0I2uM41PStdmj

Motivation

  • 09DmQtG2neJH7wS

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo