NanHaiShu is a remote access tool and JScript backdoor used by Leviathan. NanHaiShu has been used to target government and private-sector organizations that have relations to the South China Sea dispute.
|2019 ⋅ MITRE ⋅ |
Tool description: NanHaiShu
|2017-10-16 ⋅ Proofpoint ⋅ |
Leviathan: Espionage actor spearphishes maritime and defense targets
NanHaiShu SeDll APT40
|2016-08-05 ⋅ F-Secure ⋅ |
NANHAISHU: RATing the South China Sea
|2015-06-24 ⋅ Spiceworks ⋅ |
Stealthy Cyberespionage Campaign Attacks With Social Engineering
There is no Yara-Signature yet.