← threatfilter.dev / all groups / APT12
APT12
Also known as: IXESHE · DynCalc · Numbered Panda · DNSCALC
Overview
APT12 is a threat group that has been attributed to China. The group has targeted a variety of victims including but not limited to media outlets, high-tech companies, and multiple governments.
Targets
Government · Private sector
Regions
Japan · Taiwan
Capabilities
- Exploitation of public-facing / client applications — ATT&CK T1203
TTPs — 5 techniques across 3 tactics
Initial Access
-
T1566.001Spearphishing Attachment
Execution
-
T1203Exploitation for Client Execution -
T1204.002Malicious File
Command and Control
-
T1102.002Bidirectional Communication -
T1568.003DNS Calculation
Tools & malware (3)
Ixeshe · RIPTIDE · HTRAN
Reporting (2)
- Darwin’s Favorite APT Group [Blog] — Moran, N., Oppenheim, M., Engle, S., & Wartell, R.
- Whois Numbered Panda — Meyers, A