
74 results in Threat Encyclopedia: “BKDR_PLUGX”
Showing Results : 1 - 10
...a user's keystrokes to steal information. Arrival Details: This backdoor may be dropped by the following malware: BKDR_PLUGX.SME. Installation: This backdoor drops the following files: All Users' %User Profile%\Gf\boot.ldr - detected...
...files: %All Users Profile%\DRM\DSSM\DSSM.exe; %All Users Profile%\DRM\DSSM\MSO.dll - detected as BKDR_PLUGX.DUKLS; %All Users Profile%\DRM\DSSM\{random} (Note: %All Users Profile% is the All Users folder, where...
...doc; %Application Data%\{random letter}{random digits}{random letter}\mpsvc.dll - also detected as BKDR_PLUGX.TOK (Note: %Application Data% is the current user's Application Data folder, which is usually C:\Documents...
...CommFunc.dll - detected as BKDR_PLUGX.DO; %User Temp%\CommFunc.jax - detected as BKDR_PLUGX.DO; %All Users Profile%\Camera...Camera\CommFunc.dll - detected as BKDR_PLUGX.DO; %All Users Profile%\Camera...
...Profile%\DRM\EPWING\McUtil.dll - detected also as BKDR_PLUGX.GEL; %All Users Profile%\DRM\EPWING\McUtil.dll.ping - detected also as BKDR_PLUGX.GEL; %All Users Profile%\DRM\EPWING\{random...
...Temp%\RarSFX0\NvSmartMax.dll - also detected as BKDR_PLUGX.CA; %User Temp%\RarSFX0\Nv.exe; %System...System%\NvSmartMax.dll - (hidden) also detected as BKDR_PLUGX.CA; %System%\Nv.exe - (hidden) (Note: %User...
...Temp%\RarSFX0\NvSmartMax.dll - also detected as BKDR_PLUGX.BT; %User Temp%\RarSFX0\Nv.exe - deleted afterwards...Profile%\SxS\NvSmartMax.dll - also detected as BKDR_PLUGX.BT; %All Users Profile%\SxS\Nv.exe; %All Users...
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It deletes itself after execution.
This malware is a remote access tool (RAT) known as PlugX. It is one of the most common malware families used in carrying out targeted attacks. The targeted attacks it has been involved in are mostly directed at government institutions in Japan.
