Group: Putter Panda, APT2, MSUpdater

ID: G0024
Aliases: Putter Panda, APT2, MSUpdater

Putter Panda is a Chinese threat group that has been attributed to Unit 61486 of the 12th Bureau of the PLA’s 3rd General Staff Department (GSD).[1]

Alias Descriptions

  • Putter Panda [1][2]
  • APT2 [2]
  • MSUpdater [1]

Techniques Used

  • Process Injection - An executable dropped onto victims by Putter Panda attempts to inject the specified DLL into a process that would normally be accessing the network, including Outlook Express (msinm.exe), Outlook (outlook.exe), Internet Explorer (iexplore.exe), and Firefox (firefox.exe).[1]

Software