APT
ATLAS
Atlas
Actors
Sectors
Requirements
⌘K
▸
sign in
Atlas
Actors
Sectors
Requirements
LOADING
Tropic Trooper (aka Tropic Trooper, Earth Centaur) · APT Atlas
Actors
/
Nation-state / APT
/
Asia
Tropic Trooper
APT
CN · China
AKA
Earth Centaur · KeyBoy
Targets
6
Sectors
6
Threat types
1
GIRs covered
0/480
Active since
2011
Pin to atlas
Watch
Share
Export
Victimology
Geographic footprint · 6 countries
Region filter
Export
origin · China
targeted countries · 6
ASIA ·
6
India
·
Japan
·
Mongolia
·
Philippines
·
Taiwan
·
Vietnam
Sectors targeted
6 of 40
Government
83 actors
Aerospace
49 actors
Technology
51 actors
NGOs & Dissidents
47 actors
Manufacturing (man)
40 actors
Dissidents (as targets)
14 actors
Tactics, techniques, procedures
Threat types + MITRE ATT&CK mapping
THREAT TYPES
ESP · Espionage
MITRE ATT&CK · 32 techniques
Initial Access
· 1
T1566.001
Spearphishing Attachment
Execution
· 3
T1059.003
Windows Command Shell
T1106
Native API
T1203
Exploitation for Client Execution
Persistence
· 3
T1543.003
Windows Service
Discovery
· 9
T1016
System Network Configuration Discovery
Lateral Movement
· 1
T1091
Replication Through Removable Media
Collection
· 1
T1119
Automated Collection
Exfiltration
· 1
T1020
Automated Exfiltration
Command And Control
· 5
T1071.001
Web Protocols
T1071.004
DNS
Stealth
· 8
T1027.003
Steganography
T1036.005
Match Legitimate Resource Name or Location
GIR coverage
0 / 480 requirements satisfied
Open matrix
No GIRs mapped yet for this actor.
Related actors
By origin and actor type
APT2
nation-state
China · 6 targets · since 2010
APT5
nation-state
China · 15 targets · since 2007
APT8
nation-state
China · 5 targets · since —
APT14
nation-state
China · 15 targets · since —
APT17
nation-state
China · 10 targets · since 2009
APT20
nation-state
China · 14 targets · since 2011
T1547.001
Registry Run Keys / Startup Folder
T1547.004
Winlogon Helper DLL
T1033
System Owner/User Discovery
T1046
Network Service Discovery
T1049
System Network Connections Discovery
T1057
Process Discovery
T1083
File and Directory Discovery
T1135
Network Share Discovery
T1518
Software Discovery
T1680
Local Storage Discovery
T1105
Ingress Tool Transfer
T1573
Encrypted Channel
T1573.002
Asymmetric Cryptography
T1055.001
Dynamic-link Library Injection
T1070.004
File Deletion
T1078.003
Local Accounts
T1140
Deobfuscate/Decode Files or Information
T1221
Template Injection
T1564.001
Hidden Files and Directories