2018-11-01 CTA Adversary Playbook Goblin Panda| Threat Intelligence Malaysia

📃Title: CTA Adversary Playbook: Goblin Panda
📅Date: 2018-11-01
🔗References:

https://www.fortinet.com/blog/threat-research/cta-security-playbook—goblin-panda

🔖Rectifyq Taxonomies:

relevancy: 🔴 Highly Relevant
category: ⚔Threat
sub-category: TA-profile
target: targeted
MY-relevancy: relevant

🔖MISP Galaxies:

producer= Fortinet
threat-actor= GOBLIN-PANDA
target-information=“Cambodia”
target-information=“India”
target-information=“Indonesia”
target-information=“Malaysia”
target-information=“Myanmar”
target-information=“Philippines”
target-information=“Thailand”
target-information=“Vietnam”
malpedia=“NewCore RAT”
mitre-attack-pattern=[]

MISP event uuid: de905993-7d1e-4bcc-b942-50f6be6f0027

Indicator of Compromise (IoCs)

type,value,comment
md5, 10fa0058d6bdb26ae3e7880a9f6f1c87, 'NewCoreRat'
md5, 8f3b0daeaa04150b76ca9a3ddca7889c, 'NewCoreRat'
md5, f1b352680bda1c2c7e04f4ae94f56a46, 'NewCoreRat'
md5, 5fd6b30d0e9d0bf6c388f8c8cbf9823e, 'NewCoreRat'
md5, 38b37cd02c736bb7b9a3fa77bb4095ce, 'NewCoreRat'
md5, 2e99cdf7829a5714bd76d8c793039ec6, 'NewCoreRat'
md5, 2e73102f59a5f319414626e6ad7df6e2, 'NewCoreRat'
md5, 0662e0e6e2db47c65ff600678007312a, 'NewCoreRat'
md5, 6c9d7a0f84c1bc18725fa59990c7abd8, 'NewCoreRat'
md5, 40223513419edaea286c431eba5d1449, 'NewCoreRat'
md5, ab4ed49e594e6e31ab31ca4e411525ad, 'NewCoreRat'
md5, 8707578cc25e4047507ee293dea0d037, 'NewCoreRat'
md5, 9e3dcc980bb4c1ce69048b6b5eeea823, 'NewCoreRat'
md5, bd052811fffe5cc1e908a21a873fd43d, 'NewCoreRat'
md5, d00775c66fa4835f1f427ff873b64cba, 'NewCoreRat'
md5, bdaa11e64d00b25c99c254f0c2f5787f, 'NewCoreRat'
md5, b9a1fa2edb4eeb270b7c7e18e963ba5f, 'NewCoreRat'
md5, f9a00b2264b08435553b6b94098504f4, 'NewCoreRat'
md5, 294d7e213525c0bcb70b07667d789d6d, 'NewCoreRat'
md5, 6a18a43b9c12ba82e7ef413d17bcc36b, 'NewCoreRat'
md5, 7a86f39d1a551bfb648856bc99fb10f9, 'NewCoreRat'
md5, 88019fceae0b787d09ecdbd454a2b40e, 'NewCoreRat'
md5, 58458a529d4ff6848be58ba26349749d, 'NewCoreRat'
md5, 03093a21dd46c916c846d2244dbf2bcb, 'NewCoreRat'
md5, d1e675aff0d308fece6194a7b629a6bd, 'NewCoreRat'
md5, ac9157fb554804636893154bf9b6c8e3, 'NewCoreRat'
md5, 4ce12bbc292b9dd3a641b7e0483e8193, 'NewCoreRat'
md5, bc25bbf8a5bb344da9aef282fdab57cf, 'NewCoreRat'
md5, f443b38ba80c228bf0d7defc9d8c18c5, 'NewCoreRat'
md5, d999a22ff6b541817221bd74e1d55f9f, 'NewCoreRat'
md5, 18d5de92036241d0d49b186840bdcc30, 'NewCoreRat'
md5, 1f9e6cfef0216755d6a9cec2fab0f5dc, 'NewCoreRat'
md5, 083fd97c06babdb441f34cbb489d5a50, 'NewCoreRat'
md5, 239edaf861ddeb43113d913d081c48a1, 'NewCoreRat'
md5, d78ac51f69c511199bbe79a683037672, 'NewCoreRat'
md5, 232a788c66bbf24c556ad30997d61ff8, 'NewCoreRat'
md5, d2961d64ecb9d22ef8b6d7280d818a29, 'NewCoreRat'
md5, a87bd421844b838d487c1d94f7d06bc6, 'NewCoreRat'
md5, 2645eac10876fbe03976af2f69273f0a, 'NewCoreRat'
md5, a67c747837b14de1dbf6534aaf940731, 'NewCoreRat'
md5, f04afc1c31dacc002933a1f929d7b303, 'NewCoreRat'
md5, 5408ef844e2aeba3092d379420797078, 'NewCoreRat'
md5, 01a8633082a9024c865b145969b3bfe3, 'NewCoreRat'
md5, 197cb8eaf3797318f49a01a53b6b6372, 'NewCoreRat'
md5, fc150c86b40d094ffa1d74346c519b7a, 'NewCoreRat'
md5, bdf46dd26d747ce97b8a45410a9cdc85, 'NewCoreRat'
md5, ec9d4ea6d94186185edc08bb588355c9, 'NewCoreRat'
md5, 04f540671bfad403eb18569575a0add5, 'NewCoreRat'
md5, 11d364135c1012d8c584b18cb390757d, 'NewCoreRat'

Full IOCs available in Rectifyq’s MISP

Rectifyq

Explorer

2018-11-01 CTA Adversary Playbook Goblin Panda

Indicator of Compromise (IoCs)

🔴 Latest Relevant 🇲🇾 Threat Articles

2026-04-30 Inside Shadow-Earth-053 A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia

2026-04-29 Phoenix Rising Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns

2026-04-21 GhostCargo, a 5-years campaign

Graph View