[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:11
[ALL_FAMILIES]

Sharp Dragon

loader1 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
Sharp Dragon
CATEGORY:
LOADER
DESCRIPTION:
Sharp Dragon is a loader malware used by the FirePeony (also known as SharpPanda) threat group. The malware is designed to download and execute additional payloads on compromised systems and has been observed expanding its operations towards Africa and the Caribbean. It employs sophisticated techniques to evade detection and establish persistence.
ALIASES:
Sharp Dragon LoaderSharpDragonFirePeonySharpPanda
TAGS:
payload_deliverymulti_stagetargeted_attackafricacaribbeanfirepeonysharppanda

[MUTEX_SIGNATURES](1)

[MUTEX_01]
mt_app_http_get_zed2vsp
ANALYST: @adhikara13 DATE: 2024-07-16
REFERENCES:
https://x.com/t3ft3lb/status/1740661367299010957
https://research.checkpoint.com/2024/sharp-dragon-expands-towards-africa-and-the-caribbean/
https://notes.netbytesec.com/2024/05/inside-sharppandas-malware-targeting.html

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
FirePeony
SharpPanda
FIRST_OBSERVED:
2024

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:1
THREAT_ACTORS:2
ALIASES:4
TAGS:7
CATEGORY:LOADER
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]