Stone Panda

Type: Believed Cyber-mercenary

Stone Panda APT Status: Active May 2010-Oct. 2013; current status unknown

Target Sectors: Healthcare, Defense, Aerospace, Government


  • PoisonIvy RAT
    • GUI
    • widely available
    • Capable of: renaming, deleting, uploading, downloading or executing files; viewing or editing registry keys; viewing, suspending, or killing running processes; viewing or terminating network connections; viewing and controlling services; viewing or disabling installed devices; enumerating, deleting, or uninstalling programs
    • Capable of logging keystrokes, taking screenshots, recording audio or webcam footage, and by capturing saved passwords and hashes
  • IEChecker/ EvilGrab
    • Capture audio, video, screenshots, and keystrokes

Preferred Attack Vector:  Spear phishing emails


  • Focus on reconnaissance, lateral movement, and data exfiltration
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Consent to display content from Youtube
Consent to display content from Vimeo
Google Maps
Consent to display content from Google