Earth Baxia

Also known as: Earth Baxia

Known aliases
1

Profile

Earth Baxia is a threat actor operating out of China that targets government organizations in Taiwan and potentially across the APAC region. It uses spear-phishing emails and exploits the GeoServer vulnerability CVE-2024-36401 for remote code execution, deploys customized Cobalt Strike components with altered signatures, leverages GrimResource and AppDomainManager injection techniques to deliver additional payloads, and uses a new backdoor named EAGLEDOOR for multi-protocol communication and payload delivery.

Aliases · 1

Earth Baxia

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: Earth Lamia
Actor: Earth Alux
Actor: Earth Wendigo
Actor: Earth Krahang
Actor: Earth Estries
Actor: Earth Yako
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.