The China-linked APT31 group known as Zirconium, used a tool dubbed Jian, which is a replica of NSA Equation Groups EpMe hacking tool, years back it was leaked online by Shadow Brokers hackers. The tool was being actively utilized between 2014 and 2017, it dates its usage years before the vulnerability was addressed by Microsoft. The exploit stopped working after Microsofts March 2017 patch, the patch that addressed the said vulnerability.”]
Source: https://gbhackers.com/nsa-tools-used-by-chinese-apt-hackers/