Treasure Panda

Details

TREASURE PANDA has been active since at least 2017 and has demonstrated a longstanding focus on high-profile government and military entities, primarily in Russia and Mongolia, as well as in other nations in Central Asia and Eastern Europe. The adversary leverages multiple malware families such as PlugX, PoisonIvy, TSSLClientRAT, MsmRAT, LogSupport, CotSam, StratRS, DNSep, Hawkball, and Mikroceen, and ...

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.