Sharp Dragon Expands Towards Africa and The Caribbean
May 23, 2024, 2:55 p.m.
Description
Check Point Research has observed a significant shift in the activities and lures of Sharp Dragon, a Chinese threat actor, now targeting governmental organizations in Africa and the Caribbean. This expansion aligns with Sharp Dragon's known tactics of compromising email accounts to spread weaponized documents and deploy malware like Cobalt Strike Beacon. The actors exploit government relationships to establish footholds in new territories, demonstrating increased reconnaissance efforts and utilizing compromised infrastructure as command-and-control servers.
Date
- Created: May 23, 2024, 2:17 p.m.
- Published: May 23, 2024, 2:17 p.m.
- Modified: May 23, 2024, 2:55 p.m.
Indicators
Additional Information
- Central African Republic
- South Africa