high_confidence

FunnyDream

[FunnyDream](https://attack.mitre.org/campaigns/C0007) was a suspected Chinese cyber espionage campaign that targeted government and foreign organizations in Malaysia, the Philippines, Taiwan, Vietnam, and other parts of Southeast Asia. Security researchers linked the [FunnyDream](https://attack.mitre.org/campaigns/C0007) campaign to possible Chinese-speaking threat actors through the use of the [Chinoxy](https://attack.mitre.org/software/S1041) backdoor and noted infrastructure overlap with the TAG-16 threat group. (Citation: Bitdefender FunnyDream Campaign November 2020) (Citation: Kaspersky APT Trends Q1 2020) (Citation: Recorded Future Chinese Activity in Southeast Asia December 2021)

Start date: 1 July 2018
End date: 1 November 2020
Techniques: 14

Techniques (14)

collection (1)
T1560.001 Archive via Utility

command-and-control (1)
T1105 Ingress Tool Transfer

discovery (5)
T1018 Remote System Discovery
T1049 System Network Connections Discovery
T1057 Process Discovery
T1082 System Information Discovery
T1016 System Network Configuration Discovery

execution (3)
T1059.003 Windows Command Shell
T1047 Windows Management Instrumentation
T1059.005 Visual Basic

resource-development (4)
T1588.002 Tool
T1585.002 Email Accounts
T1583.001 Domains
T1588.001 Malware

Indicators of compromise

No IOCs linked to this campaign yet.