Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea
WHITE Unfading Sea Haze AlienVault 2024-05-24 Modified: 2024-06-23
122 IOCs (HIGH VOLUME)
An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group has systematically targeted high-level organizations across countries in the South China Sea region. The extensive analysis spanned several years, revealing their evolving tactics, malware arsenal, and ongoing persistence. The primary objective appears to be espionage, with a focus on data exfiltration and surveillance of military and government entities. Unfading Sea Haze employs a sophisticated array of custom malware tools, including variants of the Gh0st RAT family and techniques like DLL sideloading. Their recent shift towards modular, fileless payloads showcases their adaptability in evading detection.
Indicators of Compromise (4 / 122 total)
TYPE | INDICATOR | DESCRIPTION | CREATED
FileHash-SHA256 | 1116efd48ca01623bf385cd612f4da1eb9eeba0329e41d0e068bcd6557a46f8f | SHA256 of 6a0933d08d8d27165f72c53df8f1bf04 | 2024-05-24
FileHash-SHA256 | 6b5b8b12af21700a212d5ece27f065f8f9ed38b2969ad5dfaa790bc76754de6c | SHA256 of 1ce17f0e2a000a889b3f81e80b95f19f | 2024-05-24
FileHash-SHA256 | 7587ca6b8163e3e5b05e4a9fc79ec19deee9c971e6f76adadc4d970c99cad4f3 | SHA256 of b3dc2dcb0f2a5661aed1f4e6d9e88bc6 | 2024-05-24
FileHash-SHA256 | 93abcc4062a14ba3d3309fc5e8a910e81a4e3ce1bbbf5e6f7857779b6e76f43a | SHA256 of 2e4055e16c1a9274caa182223977eda1 | 2024-05-24