Unfading Sea Haze

Malware Profile Updated 2 months ago
Unfading Sea Haze is a sophisticated malware that has been active since at least 2018, impacting numerous military and government organizations. This malicious software, identified by Bitdefender researchers, exploits systems primarily in the South China Sea region, affecting high-level entities. The malware infiltrates systems through various methods such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operations, steal sensitive information, or even hold data hostage for ransom.

The threat actor uses a suite of tools for post-compromise activity, including the .NET payloads SharpJSHandler and SerialPktDoor, along with two evolved versions of Gh0st RAT: EtherealGh0st and FluffyGh0st. These variants have developed from two older versions, TranslucentGh0st and SilentGh0st, which have been in use by the same actor since their emergence. These tools allow the threat actor to maintain control over compromised systems, extract valuable information, and potentially cause significant damage.

One primary infection vector used by Unfading Sea Haze is spear phishing, where targeted individuals receive seemingly legitimate emails containing zip archives. When these archives are opened, they deploy the SerialPktDoor backdoor, providing the attacker with unauthorized access to the system. This method allows the malware to bypass traditional security measures, making it a particularly insidious threat to the affected organizations.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Bitdefender
Backdoor
Phishing
Associated Malware
ID | Type | Votes | Profile Description
Sharpjshandler | Unspecified | 1 | None
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Unfading Sea Haze Malware was read from the documents corpus below.
Source | Created At | Title
Bitdefender | 2 months ago | Unfading Sea Haze: New Espionage Campaign in the South China Sea