APT
ATLAS
Atlas
Actors
Sectors
Requirements
⌘K
▸
sign in
Atlas
Actors
Sectors
Requirements
LOADING
Earth Lusca (aka Earth Lusca, TAG-22) · APT Atlas
Actors
/
Nation-state / APT
/
Asia
Earth Lusca
APT
CN · China
AKA
TAG-22 · FISHMONGER
CrowdStrike
:
AQUATIC PANDA
Microsoft
:
Charcoal Typhoon
PwC
:
RedHotel
Targets
15
Sectors
11
Threat types
1
GIRs covered
0/480
Active since
2019
Pin to atlas
Watch
Share
Export
Victimology
Geographic footprint · 15 countries
Region filter
Export
origin · China
targeted countries · 15
AMERICAS ·
2
Brazil
·
United States
ASIA ·
9
Bhutan
·
Hong Kong
·
Indonesia
·
India
·
Japan
·
Mongolia
·
Philippines
·
Pakistan
·
Taiwan
EUROPE ·
3
Germany
·
Spain
·
France
AFRICA ·
1
South Africa
Sectors targeted
11 of 40
Government
83 actors
Defense
60 actors
Aerospace
49 actors
Financial Services
61 actors
Cryptocurrency
17 actors
Telecom
57 actors
NGOs & Dissidents
47 actors
Energy / Utilities
49 actors
Education & Research
50 actors
Consulting / Professional Services
26 actors
Industrials / Engineering
23 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
MITRE ATT&CK · 33 techniques
Resource Development
· 2
T1583.004
Server
T1583.006
Web Services
Initial Access
· 3
T1189
Drive-by Compromise
Execution
· 7
T1047
Windows Management Instrumentation
Persistence
· 2
T1543.003
Windows Service
Credential Access
· 2
T1003.001
LSASS Memory
Discovery
· 7
T1007
System Service Discovery
T1016
System Network Configuration Discovery
Lateral Movement
· 1
T1210
Exploitation of Remote Services
Collection
· 1
T1560.001
Archive via Utility
Exfiltration
· 1
T1567.002
Exfiltration to Cloud Storage
Command And Control
· 1
T1090
Proxy
Defense Impairment
· 1
T1112
Modify Registry
Stealth
· 5
T1027
Obfuscated Files or Information
GIR coverage
0 / 480 requirements satisfied
Open matrix
No GIRs mapped yet for this actor.
Related actors
By origin and actor type
APT2
nation-state
China · 6 targets · since 2010
APT5
nation-state
China · 15 targets · since 2007
APT8
nation-state
China · 5 targets · since —
APT14
nation-state
China · 15 targets · since —
APT17
nation-state
China · 10 targets · since 2009
APT20
nation-state
China · 14 targets · since 2011
T1190
Exploit Public-Facing Application
T1566.002
Spearphishing Link
T1053.005
Scheduled Task
T1059.001
PowerShell
T1059.005
Visual Basic
T1059.006
Python
T1059.007
JavaScript
T1204.001
Malicious Link
T1547.012
Print Processors
T1003.006
DCSync
T1018
Remote System Discovery
T1033
System Owner/User Discovery
T1049
System Network Connections Discovery
T1057
Process Discovery
T1482
Domain Trust Discovery
T1027.003
Steganography
T1036.005
Match Legitimate Resource Name or Location
T1140
Deobfuscate/Decode Files or Information
T1218.005
Mshta