Search for adversaries

Vanguard Panda

China

Details

VANGUARD PANDA is a China-nexus targeted intrusion adversary that relies heavily on living-off-the-land (LOTL) techniques and also uses webshells in addition to well-known tools such as Impacket and Fast Reverse Proxy (FRP). Initial access methods have historically involved exploiting Zoho ManageEngine software and, likely more recently, Fortinet FortiGuard.  VANGUARD PANDA appears to focus on dat...

Community Identifiers

gH0c2XCfxJ1b4yY

Objective

  • RY04seKo5nWJMpAbBc1GdCz

Motivation

  • 8RZAN0kILjiXhyD

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo