Merge pull request #799 from nyx0/main

Add Evasive Panda Threat Actor
2022-11-19 06:22:07 +01:00 · 2022-11-19 06:22:07 +01:00 · fe32cb4288
parent 4844a7021c be7450494e
commit fe32cb4288
1 changed files with 31 additions and 1 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -9894,7 +9894,37 @@
      ],
      "uuid": "8134c96d-d6ed-49cc-99d6-fe74c0636387",
      "value": "GOLD PRELUDE"
+    },
+    {
+      "description": "Evasive Panda is an APT group that has been active since at least 2012, conducting cyberespionage targeting individuals, government institutions and organizations.",
+      "meta": {
+        "attribution-confidence": "50",
+        "cfr-suspected-state-sponsor": "China",
+        "cfr-suspected-victims": [
+          "Hong Kong",
+          "India",
+          "Malaysia",
+          "Taiwan"
+        ],
+        "cfr-target-category": [
+          "Government",
+          "Individuals",
+          "Universities"
+        ],
+        "cfr-type-of-incident": "Espionage",
+        "country": "CN",
+        "refs": [
+          "https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/",
+          "https://vb2020.vblocalhost.com/uploads/VB2020-43.pdf",
+          "https://www.virusbulletin.com/virusbulletin/2014/02/needle-haystack"
+        ],
+        "synonym": [
+          "BRONZE HIGHLAND"
+        ]
+      },
+      "uuid": "171d0590-be92-443f-addb-af5dc2a8034d",
+      "value": "Evasive Panda"
    }
  ],
-  "version": 252
+  "version": 253
 }