DragonBreath

Also known as: Golden Eye Dog · APT-Q-27 · DragonBreath

Profile

Golden Eye Dog targets Chinese-speaking users engaged in online gambling, employing techniques such as SERP poisoning, social engineering, and DDoS attacks. The group uses trojanized NSIS installers to deliver RONINGLOADER, which executes complex process-injection workflows and deploys a modified Gh0st RAT for espionage. Its operations have included DLL sideloading and the use of watering hole websites to implant Trojans. The group is noted for its high anti-detection capabilities and has been associated with various malware development languages.

Aliases (3)

Golden Eye Dog, APT-Q-27, DragonBreath

References

  1. https://www.sophos.com/fr-fr/blog/doubled-dll-sideloading-dragon-breath

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: DragonRank
Actor: DragonOK
Actor: DragonSpark
Actor: Dragonbridge
Actor: DAGGER PANDA
Actor: LongNosedGoblin

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.