Tag: APT

• A “GULP” of PlugX

  

  Often attributed to Chinese-speaking threat actors, PlugX a remote access trojan(RAT), was identified by security researchers in 2012. With several variants of the RAT identified by vendors over the year, many techniques used to compromise systems have remained the same. While perusing public malware sandboxes for interesting new samples, I stumbled upon a Windows executable […]

  Mike

  January 6, 2022

  INFOSEC

  APT, INFOSEC, PlugX

• More Flagpro, More Problems

  

  No stranger to this blog, BlackTech has continued to modify techniques to compromise networks and even suffered an OPSEC slip in the way of an open directory. This post will cover a malicious document similar to that identified by [1] PWC and [2] NTT in the previous reporting on the group. While I cannot definitively […]

  Mike

  December 12, 2021

  INFOSEC

  APT, BlackTech, Malware