APT / THREAT GROUP

Daxin

3
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Symantec describes this as a malware written as Windows kernel driver, used by China-linked threat actors. The malware has a custom TCP/IP stack and is capable of hijacking connections.

Threat Analysis

Daxin is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases3

Also Known As

DELIMEATwin.daxinDaxin

External Intelligence

Malpedia: win.daxin

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.