Overcast Panda



OVERCAST PANDA is a China-nexus targeted intrusion adversary likely active since at least 2019. Previously tracked as the ClearVariable activity cluster, this adversary’s tradecraft is primarily characterized by the use of the unique FlowCloud and LookBack malware implants delivered through a variety of means. Identified OVERCAST PANDA operations to date have primarily focused on entities the U.S....


  • m5Rh2nbgKH3FvUjQsDe1Y0C


  • 1YcDWNuaUMwfbAK

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.