APT
ATLAS
Atlas
Actors
Sectors
Requirements
⌘K
▸
sign in
Atlas
Actors
Sectors
Requirements
LOADING
APT15 (aka Mirage, Ke3Chang) · APT Atlas
Actors
/
Nation-state / APT
/
Asia
APT15
APT
CN · China
AKA
Mirage · Ke3Chang · Nylon Typhoon · Lurid · Metushy · Royal APT · Playful Dragon
Microsoft
:
NICKEL
CrowdStrike
:
VIXEN PANDA
Secureworks
:
BRONZE PALACE
Targets
25
Sectors
8
Threat types
1
GIRs covered
0/480
Active since
2010
Pin to atlas
Watch
Share
Export
Victimology
Geographic footprint · 25 countries
Region filter
Export
origin · China
targeted countries · 25
EUROPE ·
14
Austria
·
Belgium
·
Czechia
·
Germany
·
Spain
·
France
·
United Kingdom
·
Latvia
·
Poland
·
Romania
·
Russia
·
Sweden
·
Slovenia
·
Slovakia
OCEANIA ·
1
Australia
AMERICAS ·
3
Brazil
·
Canada
·
Mexico
ASIA ·
5
Israel
·
India
·
Pakistan
·
Singapore
·
Taiwan
AFRICA ·
2
Morocco
·
Sierra Leone
Sectors targeted
8 of 40
Government
83 actors
Defense
60 actors
Aerospace
49 actors
Financial Services
61 actors
Technology
51 actors
NGOs & Dissidents
47 actors
Energy / Utilities
49 actors
Dissidents (as targets)
14 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
MITRE ATT&CK · 35 techniques
Resource Development
· 1
T1583.005
Botnet
Initial Access
· 1
T1190
Exploit Public-Facing Application
Execution
· 2
T1059
Command and Scripting Interpreter
Persistence
· 2
T1543.003
Windows Service
Credential Access
· 5
T1003.001
LSASS Memory
Discovery
· 7
T1007
System Service Discovery
T1016
System Network Configuration Discovery
Lateral Movement
· 1
T1021.002
SMB/Windows Admin Shares
Collection
· 5
T1005
Data from Local System
T1114.002
Remote Email Collection
T1119
Automated Collection
Exfiltration
· 2
T1020
Automated Exfiltration
T1041
Exfiltration Over C2 Channel
Command And Control
· 3
T1071.001
Web Protocols
T1071.004
DNS
Stealth
· 6
T1027
Obfuscated Files or Information
GIR coverage
0 / 480 requirements satisfied
Open matrix
No GIRs mapped yet for this actor.
Related actors
By origin and actor type
APT2
nation-state
China · 6 targets · since 2010
APT5
nation-state
China · 15 targets · since 2007
APT8
nation-state
China · 5 targets · since —
APT14
nation-state
China · 15 targets · since —
APT17
nation-state
China · 10 targets · since 2009
APT20
nation-state
China · 14 targets · since 2011
T1059.003
Windows Command Shell
T1547.001
Registry Run Keys / Startup Folder
T1003.002
Security Account Manager
T1003.003
NTDS
T1003.004
LSA Secrets
T1558.001
Golden Ticket
T1018
Remote System Discovery
T1033
System Owner/User Discovery
T1049
System Network Connections Discovery
T1057
Process Discovery
T1083
File and Directory Discovery
T1560
Archive Collected Data
T1560.001
Archive via Utility
T1105
Ingress Tool Transfer
T1036.002
Right-to-Left Override
T1036.005
Match Legitimate Resource Name or Location
T1078
Valid Accounts
T1078.004
Cloud Accounts
T1140
Deobfuscate/Decode Files or Information