SharpPanda, Sharp Dragon - Threat Group Cards: A Threat Actor
Encyclopedia
Archived: 2026-04-05 12:51:22 UTC
Home > List all groups > SharpPanda, Sharp Dragon
 APT group: SharpPanda, Sharp Dragon
Names
SharpPanda (Check Point)
Sharp Dragon (Check Point)
Country China
Motivation Information theft and espionage
First seen 2018
Description
(Check Point) Check Point Research identified an ongoing surveillance operation
targeting a Southeast Asian government. The attackers use spear-phishing to gain
initial access and leverage old Microsoft Office vulnerabilities together with the
chain of in-memory loaders to attempt and install a previously unknown backdoor
on victim’s machines.
Our investigation shows the operation was carried out by what we believe is a
Chinese APT group that has been testing and refining the tools in its arsenal for at
least 3 years.
Observed
Sectors: Government.
Countries: Indonesia, Malaysia, Thailand, Vietnam and Africa, the Caribbean and
Southeast Asia.
Tools used 8.t Dropper, Cobalt Strike.
Operations performed
2024
Chinese Espionage Campaign Expands to Target Africa and The
Caribbean
Mar 2024
Inside the SharpPanda's Malware Targeting Malaysia
https://apt.etda.or.th/cgi-bin/showcard.cgi?u=7b0c519a-09c7-4d39-80cf-0b4bac1d5199
Page 1 of 2

Information
Last change to this card: 19 June 2024
Download this actor card in PDF or JSON format
Source: https://apt.etda.or.th/cgi-bin/showcard.cgi?u=7b0c519a-09c7-4d39-80cf-0b4bac1d5199
https://apt.etda.or.th/cgi-bin/showcard.cgi?u=7b0c519a-09c7-4d39-80cf-0b4bac1d5199
Page 2 of 2