📃Title: The Lotus Panda is Awake Again: Analysis of the Last Strike
📅Date: 2022-04-29
🔗References:
🔖Rectifyq Taxonomies:
- relevancy: 🔴 Highly Relevant
- category: ⚔Threat
- sub-category: intrusion-analysis
- target: targeted
- MY-relevancy: relevant
🔖MISP Galaxies:
- threat-actor Naikon
- target-information="Brunei"
- target-information="Cambodia"
- target-information="Indonesia"
- target-information="Laos"
- target-information="Malaysia"
- target-information="Myanmar"
- target-information="Philippines"
- target-information="Singapore"
- target-information="Thailand"
- target-information="Vietnam"
- malpedia="Viper RAT"
- mitre-attack-pattern=['T1071', 'T1573', 'T1105', 'T1571', 'T1406', 'T1055', 'T1566.001', 'T1204']
MISP event uuid: f2a498fe-04a9-4917-88cc-a32d7ad4e4a8
Indicators of Compromise (IoCs)
type,value,comment
sha256, ee50160fdd7cacb7d250f83c48efa55ae0479e47a1eece9c08fe387453b9492a, 'FAKE INI No sample in VT; Last check: 09/05/2025'
sha256, eeb5dc51e3828ffbefc290dc1a973c5afc89ba7ff43ab337d5a3b3dc6ca4216f, 'SHELLCODE No sample in VT; Last check: 09/05/2025'
ip-dst, 175.27.164.228, 'C&C'
Full IOCs available in Rectifyq's MISP