Daggerfly
Aliases: Evasive Panda, BRONZE HIGHLAND
Daggerfly is a People's Republic of China-linked APT entity active since at least 2012. Daggerfly has targeted individuals, government and NGO entities, and telecommunication companies in Asia and Africa. Daggerfly is associated with exclusive use of MgBot malware and is noted for several potential supply chain infection campaigns.
ATT&CK techniques
T1003.002 Security Account Manager
T1587.002 Code Signing Certificates
T1053.005 Scheduled Task
T1071.001 Web Protocols
T1059.001 PowerShell
T1036.003 Rename System Utilities
T1204.001 Malicious Link
T1105 Ingress Tool Transfer
T1082 System Information Discovery
T1195.002 Compromise Software Supply Chain
T1574.002 DLL Side-Loading
T1218.011 Rundll32
T1584.004 Server
T1136.001 Local Account
T1553.002 Code Signing
T1012 Query Registry
T1189 Drive-by Compromise