Mofang is a likely China-based cyber espionage group, named for its frequent practice of imitating a victim's infrastructure. This adversary has been observed since at least May 2012 conducting focused attacks against government and critical infrastructure in Myanmar, as well as several other countries and sectors including military, automobile, and weapons industries.
|Enterprise||T1027||Obfuscated Files or Information|
|Enterprise||T1566||.001||Phishing: Spearphishing Attachment|
|.002||Phishing: Spearphishing Link|
|Enterprise||T1204||.001||User Execution: Malicious Link|
|.002||User Execution: Malicious File|