Tag feed

#plugx

2 posts0 followers

PlugX: Bad guy disguises as an msi file

Mar 14, 2025 · 7 min read · I. Overview II. Analysis 1. Locate suspicious files Use msitool to extract msidump -s -t mal.msi. In File.idt, we can see that there are 3 embed file. These files are extracted to %LOCALAPPDATA\kjnBsLsJo\ 2024Contact.exe security.dll contactDB.dat ...

Join discussion

FMFPT Metrodata Indonesianews.fmisec.com

0

RedDelta Deploys PlugX Malware in Espionage Campaigns

Jan 20, 2025 · 4 min read · Summary Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. "The group used lure documents themed arou...

Join discussion

#plugx

Search Hashnode

#plugx

PlugX: Bad guy disguises as an msi file

RedDelta Deploys PlugX Malware in Espionage Campaigns