Emissary Panda

GPTKB entity

Statements (53)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2010
gptkbp:alsoKnownAs gptkb:APT27
gptkbp:alsoKnownAs gptkb:LuckyMouse
gptkbp:area gptkb:Europe
gptkbp:area gptkb:Middle_East
gptkbp:area gptkb:United_States
gptkbp:associatedWith gptkb:Chinese_government
gptkbp:countryOfOrigin gptkb:China
gptkbp:exploits web server vulnerabilities
gptkbp:exploits Microsoft Exchange vulnerabilities
https://www.w3.org/2000/01/rdf-schema#label Emissary Panda
gptkbp:industry gptkb:energy
gptkbp:industry gptkb:government
gptkbp:industry gptkb:technology
gptkbp:industry defense
gptkbp:motive espionage
gptkbp:motive intellectual property theft
gptkbp:notableBattle attacks on European technology firms
gptkbp:notableBattle attacks on US defense contractors
gptkbp:notableBattle 2017 Middle East government breaches
gptkbp:reportsTo gptkb:Kaspersky
gptkbp:reportsTo gptkb:Palo_Alto_Networks
gptkbp:reportsTo gptkb:CrowdStrike
gptkbp:reportsTo gptkb:FireEye
gptkbp:technique data exfiltration
gptkbp:technique custom malware
gptkbp:technique living off the land
gptkbp:technique spear phishing
gptkbp:technique watering hole attacks
gptkbp:technique lateral movement
gptkbp:technique privilege escalation
gptkbp:technique credential dumping
gptkbp:technique web shell deployment
gptkbp:technique remote desktop protocol abuse
gptkbp:uses gptkb:China_Chopper
gptkbp:uses gptkb:Cobalt_Strike
gptkbp:uses gptkb:Mimikatz
gptkbp:uses web shells
gptkbp:usesBackdoor gptkb:PlugX
gptkbp:usesBackdoor gptkb:ZxShell
gptkbp:usesBackdoor gptkb:HyperBro
gptkbp:usesBackdoor SysUpdate
gptkbp:usesC2Infrastructure cloud services
gptkbp:usesC2Infrastructure compromised servers
gptkbp:usesMalware gptkb:PlugX
gptkbp:usesMalware gptkb:ZxShell
gptkbp:usesMalware gptkb:HyperBro
gptkbp:usesMalware SysUpdate
gptkbp:bfsParent gptkb:Chinese-speaking_threat_actors
gptkbp:bfsParent gptkb:Chinese_threat_actors
gptkbp:bfsParent gptkb:APT27
gptkbp:bfsLayer 8