Due to the similarities with WaterBear and the polymorphic nature of the code, Unit 42 named this novel Chinese shellcode "BendyBear".
It is highly malleable, highly sophisticated, and consists of over 10,000 bytes of machine code.
It stands in a class of its own in terms of being one of the most sophisticated, well-engineered and difficult-to-detect samples of shellcode employed by an APT.
https://unit42.paloaltonetworks.com/bendybear-shellcode-blacktech/