APT
ATLAS
Atlas
Actors
Sectors
Requirements
⌘K
▸
sign in
Atlas
Actors
Sectors
Requirements
LOADING
APT19 (aka Codoso, Sunshop Group) · APT Atlas
Actors
/
Nation-state / APT
/
Asia
APT19
APT
CN · China
AKA
Codoso · Sunshop Group · C0d0so
CrowdStrike
:
DEEP PANDA
Targets
19
Sectors
18
Threat types
1
GIRs covered
0/480
Active since
2013
Pin to atlas
Watch
Share
Export
Victimology
Geographic footprint · 19 countries
Region filter
Export
origin · China
targeted countries · 19
OCEANIA ·
1
Australia
AMERICAS ·
5
Brazil
·
Canada
·
Colombia
·
United States
·
Uruguay
ASIA ·
8
China
·
Hong Kong
·
India
·
Japan
·
South Korea
·
Mongolia
·
Philippines
·
Saudi Arabia
EUROPE ·
5
Germany
·
United Kingdom
·
Italy
·
Netherlands
·
Sweden
Sectors targeted
18 of 40
Government
83 actors
Defense
60 actors
Aerospace
49 actors
Financial Services
61 actors
Healthcare
38 actors
Pharmaceutical
24 actors
Technology
51 actors
Telecom
57 actors
Retail & Hospitality
25 actors
NGOs & Dissidents
47 actors
Education & Research
50 actors
Media & Journalism
41 actors
Transportation
25 actors
Food and Beverage
8 actors
Legal & Professional
13 actors
Chemicals
15 actors
Private Sector (generic)
28 actors
Dissidents (as targets)
14 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
MITRE ATT&CK · 15 techniques
Initial Access
· 2
T1189
Drive-by Compromise
T1566.001
Spearphishing Attachment
Execution
· 2
T1059
Command and Scripting Interpreter
Persistence
· 2
T1543.003
Windows Service
Discovery
· 2
T1016
System Network Configuration Discovery
Command And Control
· 1
T1071.001
Web Protocols
Defense Impairment
· 1
T1112
Modify Registry
Stealth
· 5
T1027.010
Command Obfuscation
GIR coverage
0 / 480 requirements satisfied
Open matrix
No GIRs mapped yet for this actor.
Related actors
By origin and actor type
APT2
nation-state
China · 6 targets · since 2010
APT5
nation-state
China · 15 targets · since 2007
APT8
nation-state
China · 5 targets · since —
APT14
nation-state
China · 15 targets · since —
APT17
nation-state
China · 10 targets · since 2009
APT20
nation-state
China · 14 targets · since 2011
T1059.001
PowerShell
T1547.001
Registry Run Keys / Startup Folder
T1033
System Owner/User Discovery
T1140
Deobfuscate/Decode Files or Information
T1218.010
Regsvr32
T1218.011
Rundll32
T1564.003
Hidden Window