Threat Actor Profile
High APT
Description

APT17is a China-based threat group that has conducted network intrusions against U.S. government entities, the defense industry, law firms, information technology companies, mining companies, and non-government organizations.[1]

Confidence Score
100%
Tags
mitre-attack crawled web-source mitre-group
First Seen

Unknown

Last Updated

April 29, 2026
18 hours, 44 minutes ago

Active Status
Active
Created

April 29, 2026

MITRE ATT&CK Techniques (2)
T1583 - Acquire Infrastructure
Resource Development
T1585 - Establish Accounts
Resource Development
Indicators of Compromise

Loading IOCs…

IOC KQL for Sentinel
STIX Data 
{'aliases': [],
 'description': 'APT17is a China-based threat group that has conducted network '
                'intrusions against U.S. government entities, the defense '
                'industry, law firms, information technology companies, mining '
                'companies, and non-government organizations.[1]',
 'external_references': [{'external_id': 'G0025',
                          'source_name': 'mitre-attack',
                          'url': 'https://attack.mitre.org/groups/G0025/'}],
 'id': 'threat-actor--G0025',
 'metadata': {'crawled_at': '2026-04-29T14:32:35.812869+00:00',
              'mitre_group_id': 'G0025',
              'page_title': 'APT17, Deputy Dog, Group G0025 | MITRE ATT&CK®'},
 'name': 'APT17',
 'type': 'threat-actor'}
Quick Actions
Related TTPs (2)
Acquire Infrastructure
Resource Development
Establish Accounts
Resource Development
Back to Threat Actors
Dashboard Home