Envoy Panda

China

Details

ENVOY PANDA is a China-nexus targeted intrusion adversary active since 2011. The adversary consistently targets Africa- and Middle East-based government entities—particularly in the diplomatic space—and leverages malware families such as Turian, PlugX, and Smanager in cyberespionage operations.    ENVOY PANDA’s operational security posture has improved over time; the adversary now leverages obfusc...

Community Identifiers

1T6Pqb3ezLWyJZA

Objective

  • XzoIxsPihKpyV2en81mJk7v

Motivation

  • LFxCmATba5P3Yo6

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo