Protux

Description

(Trend Micro) Protux, a known backdoor, is executed by abusing the rundll32 dynamic-link library (DLL). It tests the host’s network, retrieves the C&C server from another blog, and uses the RSA algorithm to generate the session key and send information to the C&C server.

Names

Name
Protux

Type

Backdoor

Information

https://blog.trendmicro.com/trendlabs-security-intelligence/blackgear-cyberespionage-campaign-resurfaces-abuses-social-media-for-cc-communication/

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:protux

Other Information

Uuid

29ff8d7b-f399-4ef8-b8de-e9fa6bcd8cc0

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

Protux

Protux

Description

Names

Category

Type

Information

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks