PlugX

PlugX (KORPLUG) is a Chinese APT backdoor family active since 2008. Used by APT3, APT10 and MUSTANG PANDA. Uses DLL sideloading and encrypted C2.

Threat Profile
Type: Backdoor
Programming Language: C++
C2 Protocol: TCP
First Seen: 2008
Targets: Government/Defense
Purpose / Capabilities
  • APT Backdoor
No C2 servers have been identified for this family yet.

Research Reports (1)

Critical

PlugX -- rundll32.dll 444KB, VTCP Private Network, DLL Sideloading APT | Critical

PlugX rundll32.dll, 444KB. VTCP private network library. DLL sideloading. Chinese APT tool.
