PULSE NAME
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea
WHITE Unfading Sea Haze AlienVault 2024-05-24 Modified: 2024-06-23
122 IOCs (HIGH VOLUME)
An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group has systematically targeted high-level organizations across countries in the South China Sea region. The extensive analysis spanned several years, revealing their evolving tactics, malware arsenal, and ongoing persistence. The primary objective appears to be espionage, with a focus on data exfiltration and surveillance of military and government entities. Unfading Sea Haze employs a sophisticated array of custom malware tools, including variants of the Gh0st RAT family and techniques like DLL sideloading. Their recent shift towards modular, fileless payloads showcases their adaptability in evading detection.
Indicators of Compromise (4 / 122 total)
TYPE INDICATOR DESCRIPTION CREATED
FileHash-SHA1 7c1a3c5c016209a502fe5157b7c525c6b079d79b SHA1 of b3dc2dcb0f2a5661aed1f4e6d9e88bc6 2024-05-24
FileHash-SHA1 a23704a9a673dc1de624dc80e441d18ebb0c5fb8 SHA1 of 6a0933d08d8d27165f72c53df8f1bf04 2024-05-24
FileHash-SHA1 d421830cc2c1a04dd89c94bee0714ef805fa6c4c SHA1 of 1ce17f0e2a000a889b3f81e80b95f19f 2024-05-24
FileHash-SHA1 ed389a02b46cb203a2308aac5722176766936234 SHA1 of 2e4055e16c1a9274caa182223977eda1 2024-05-24