According to Volexity the Flash Player exploit has been leveraged in spear phishing campaign launched by the Wekby APT. The Chinese APT (aka APT 18, Dynamite Panda and TG-0416) sent out the malicious messages to the victims titled Important: Flash update trying to exploit the news of the release of the patch for Flash Player zero-day. Experts noticed that the C&C used by the group is located in Singapore and was used in the past by the same threat actor.”]
Source: https://securityaffairs.co/wordpress/38500/cyber-crime/wekby-apt-ht-exploits.html