APT5
State-backed: ???
Associated Groups : N/A
Estimated time of origin: 2007
Target: South East Asian Commercial & Government entities.
Strategy: Phishing campaign exploiting Adobe Flash (CVE-2015-3113 & CVE-2015-5119); the exploits bypass Address Space Layout Randomization (ASLR) and use Return-Oriented Programming (ROP) to bypass Data Execution Prevention (DEP).
Malware:
Noteworthy:
- Targeting South East Asian Commercial & Government entities.
Reference
- FireEye: Report – Southeast Asia: An Evolving Cyber Threat Landscape
- FireEye: Leouncia - Yet Another Backdoor