Statements (28)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
malware
|
| gptkbp:abilities |
gptkb:remote_control
screenshot capture file exfiltration keylogging |
| gptkbp:alsoKnownAs |
gptkb:PlugX
|
| gptkbp:category |
cybercrime
|
| gptkbp:commanded |
gptkb:HTTP
gptkb:TCP custom protocol |
| gptkbp:deliveredBy |
phishing emails
malicious attachments |
| gptkbp:detects |
gptkb:security
|
| gptkbp:discoveredBy |
2012
|
| https://www.w3.org/2000/01/rdf-schema#label |
Korplug
|
| gptkbp:notable_campaign |
attacks on government organizations
attacks on defense contractors |
| gptkbp:persistenceMechanism |
scheduled tasks
Windows registry modification |
| gptkbp:platform |
gptkb:Windows
|
| gptkbp:programmingLanguage |
gptkb:C++
|
| gptkbp:relatedTo |
gptkb:APT10
gptkb:APT17 |
| gptkbp:type |
Trojan
|
| gptkbp:usedBy |
gptkb:Chinese_threat_actors
APT groups |
| gptkbp:bfsParent |
gptkb:PlugX
|
| gptkbp:bfsLayer |
7
|