Skip to content

15 results in Threat Encyclopedia: “TROJ_PLUGX”
Showing Results : 1 - 10
      NextNext Page
...All User's Profile}\SxSv\rc.exe - normal file{All User's Profile}\SxSv\rc.hlp - detected as TROJ_PLUGX.SME a53220cfef72a3dae4ef290790adccc9 d98ec3a0556a758a8bd806743b44840470062af0 |4,096
...non-malicious legitimate file named Nv.exe. It then loads the file {malware path}\Nv.mp3, detected by Trend Micro as TROJ_PLUGX.SME, and executes the code contained in it. As a result, malicious routines of the loaded file are exhibited on...
This Trojan may be dropped by other malware.It exports functions used by other malware. Arrival DetailsThis Trojan may be dropped by other malware.
This Trojan may be dropped by other malware.It does not have any propagation routine.It does not drop any other file.It does not have any downloading capability.
PLUGX is a remote access tool (RAT) used in targeted attacks aimed toward government-related institutions and key industries. It was utilized the same way as Poison Ivy, a RAT involved in a campaign dating back to 2008.
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This malware is part of a targeted attack against certain entities in Taiwan on June 2014, utilizing not only PlugX RAT malware but also the use of Dropbox. It uses Dropbox to update its C&C settings in order to listen and perform commands from a remote malicious user.
...SxSv\rc.hlp - detected as TROJ_PLUGX.SME%System Root%\Documents...SxSv\rcdll.dll - detected as TROJ_PLUGX.AF(Note: %System Root% is...installation using its component files TROJ_PLUGX.SME and TROJ_PLUGX.AF. Backdoor...
...are executed, loading other files detected as TROJ_PLUGX.SME and TROJ_PLUGX.ME. As a result, malicious routines of the...legitimate file Nv.mp3 - detected by Trend Micro as TROJ_PLUGX.SME NvSmartMax.dll - detected by Trend Micro...

Connect with us on