Also Known As
Shell Crew | Deep Panda | WebMasters | KungFu Kittens | Black Vine | Group 13 | PinkPanther | Sh3llCr3w | Bronze Firestone
Origin
China
Target Countries
Argentina | Australia | Austria | Belgium | Brazil | Canada | Chile | Colombia | Congo | Europe | France | Germany | Ghana | Hungary | India | Indonesia | Italy | Japan | Latvia | Malaysia | Mexico | Middle East North Africa (MENA) | Myanmar | Netherlands | Poland | Portugal | Russian Federation | Singapore | South Africa | South Korea | South East Asia | Spain | Taiwan | United Kingdom | United States | Vietnam | Western Europe
Targeted Verticals
Education
Critical Infrastructure
Financial Services
Government | Military
Telecommunications
MITRE TTPs
Application Layer Protocol: Web Protocols
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
Command and Scripting Interpreter
Create or Modify System Process: Windows Service
Data Encoding: Standard Encoding
Deobfuscate/Decode Files or Information
Hijack Execution Flow: DLL Side-Loading
Obfuscated Files or Information
Phishing: Spearphishing Attachment
Signed Binary Proxy Execution: Regsvr32
Signed Binary Proxy Execution: Rundll32