SharpPanda, Sharp Dragon

Description

(Check Point) Check Point Research identified an ongoing surveillance operation targeting a Southeast Asian government. The attackers use spear-phishing to gain initial access and leverage old Microsoft Office vulnerabilities together with a chain of in-memory loaders to attempt to install a previously unknown backdoor on victims' machines.

Our investigation shows the operation was carried out by what we believe is a Chinese APT group that has been testing and refining the tools in its arsenal for at least 3 years.

Names

Name          Name-Giver
SharpPanda    Check Point
Sharp Dragon  Check Point

Country

Motivation

  • Information theft and espionage

First Seen

2018

Observed Sectors

Observed Countries

Tools

Operations

Information

Other Information

Uuid

7b0c519a-09c7-4d39-80cf-0b4bac1d5199

Last Card Change

2024-06-19