MalBabble

Your antidote to the cyber-twaddle that is spread about security and malware. Many people research malware and security and the impact of both. Some insights are valuable; others are insanely stupid. MalBabble exists because insisting that conclusions be drawn from data is a coherent idea; that conjecture isn't evidence; and because appealing to conspiracy to validate ideas is intellectually lazy.

Monday, January 4, 2016

PlugX

Community Synonyms

  • Derusbi
  • Destory RAT
  • Kaba
  • Sogu
  • Thoper
  • TVT
  • Gulpix

Malware References

  • http://blogs.cisco.com/security/talos/threat-spotlight-group-72
  • https://www.circl.lu/pub/tr-24/
  • http://labs.lastline.com/an-analysis-of-plugx
  • https://www.fireeye.com/blog/threat-research/2014/07/pacific-ring-of-fire-plugx-kaba.html
  • https://www.fireeye.com/blog/threat-research/2013/11/exploit-proliferation-additional-threat-groups-acquire-cve-2013-3906.html
  • http://blog.cassidiancybersecurity.com/post/2014/01/plugx-some-uncovered-points.html
  • https://www.fireeye.com/blog/threat-research/2014/06/clandestine-fox-part-deux.html
  • http://researchcenter.paloaltonetworks.com/2015/05/plugx-uses-legitimate-samsung-application-for-dll-side-loading/
  • http://www.csee.umbc.edu/courses/undergraduate/CMSC491malware/fireeye-malware-supply-chain.pdf
  • https://securityledger.com/2013/11/malware-supply-chain-links-eleven-attacks/
  • https://www.blackhat.com/docs/asia-14/materials/Haruyama/Asia-14-Haruyama-I-Know-You-Want-Me-Unplugging-PlugX.pdf
  • http://circl.lu/assets/files/tr-12/tr-12-circl-plugx-analysis-v1.pdf
Posted by Starric at 1:37 PM
Labels: APT, Derusbi, Destory, Gulpix, Kaba, Malware, PlugX, Sogu, Thoper, TVT
