Threat Actor Profile
High APT
Description

Aoqin Dragonis a suspected Chinese cyber espionage threat group that has been active since at least 2013.Aoqin Dragonhas primarily targeted government, education, and telecommunication organizations in Australia, Cambodia, Hong Kong, Singapore, and Vietnam. Security researchers noted a potential association betweenAoqin Dragonand UNC94, based on malware, infrastructure, and targets.[1]

Confidence Score
100%
Tags
mitre-attack crawled web-source mitre-group
First Seen

July 14, 2022

Last Updated

April 29, 2026
18 hours, 43 minutes ago

Active Status
Active
Created

April 29, 2026

MITRE ATT&CK Techniques (9)
T1027 - Obfuscated Files or Information
Defense Evasion
T1036 - Masquerading
Defense Evasion
T1083 - File and Directory Discovery
Discovery
T1203 - Exploitation for Client Execution
Execution
T1204 - User Execution
Execution
T1091 - Replication Through Removable Media
Lateral Movement
T1570 - Lateral Tool Transfer
Lateral Movement
T1587 - Develop Capabilities
Resource Development
T1588 - Obtain Capabilities
Resource Development
AI Threat Intelligence Report
April 29, 2026 14:35
Threat Intelligence Report: Aoqin Dragon

Automated AI-generated threat intelligence report for Aoqin Dragon.

View full AI report
Indicators of Compromise

Loading IOCs…

IOC KQL for Sentinel
STIX Data 
{'aliases': [],
 'description': 'Aoqin Dragonis a suspected Chinese cyber espionage threat '
                'group that has been active since at least 2013.Aoqin '
                'Dragonhas primarily targeted government, education, and '
                'telecommunication organizations in Australia, Cambodia, Hong '
                'Kong, Singapore, and Vietnam. Security researchers noted a '
                'potential association betweenAoqin Dragonand UNC94, based on '
                'malware, infrastructure, and targets.[1]',
 'external_references': [{'external_id': 'G1007',
                          'source_name': 'mitre-attack',
                          'url': 'https://attack.mitre.org/groups/G1007/'}],
 'id': 'threat-actor--G1007',
 'metadata': {'contributors': 'Hiroki Nagahama, NEC Corporation; Pooja '
                              'Natarajan, NEC Corporation India; Manikantan '
                              'Srinivasan, NEC Corporation India',
              'crawled_at': '2026-04-29T14:32:25.648301+00:00',
              'created_date': '14 July 2022',
              'last_modified': '16 April 2025',
              'mitre_group_id': 'G1007',
              'page_title': 'Aoqin Dragon, Group G1007 | MITRE ATT&CK®',
              'version': '1.0'},
 'name': 'Aoqin Dragon',
 'type': 'threat-actor'}
Quick Actions
View AI Report
Related TTPs (9)
Obfuscated Files or Informati…
Defense Evasion
Masquerading
Defense Evasion
File and Directory Discovery
Discovery
Exploitation for Client Execu…
Execution
User Execution
Execution
View All 9 TTPs
Related Reports (1)
Threat Intelligence Report: A…
Intelligence Report
Back to Threat Actors
Dashboard Home