KEYPLUG (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

elf.keyplug (Back to overview)

KEYPLUG

aka: ELFSHELF

Actor(s): APT41

There is no description at this point.

References

2025-01-23 ⋅ Hunt.io ⋅ Hunt.io
Mapping Suspected KEYPLUG Infrastructure: TLS Certificates, GhostWolf, and RedGolf/APT41 Activity
KEYPLUG

2024-05-21 ⋅ Yoroi ⋅ Carmelo Ragusa, Luigi Martire
Uncovering an undetected KeyPlug implant attacking industries in Italy
KEYPLUG

2023-12-11 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Bendik Hagen
Sandman APT | China-Based Adversaries Embrace Lua
KEYPLUG LuaDream

2023-03-30 ⋅ Recorded Future ⋅ Insikt Group
With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets
KEYPLUG Cobalt Strike PlugX RedGolf

2022-05-12 ⋅ TEAMT5 ⋅ Leon Chang, Silvia Yeh
The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT (slides)
KEYPLUG Cobalt Strike CROSSWALK FunnySwitch PlugX ShadowPad Winnti SLIME29 TianWu

2022-03-28 ⋅ Mandiant ⋅ Brandon Wilbur, Dallin Warne, Geoff Ackerman, James Maclachlan, John Wolfram, Tufail Ahmed
Forged in Fire: A Survey of MobileIron Log4Shell Exploitation
KEYPLUG

2022-03-08 ⋅ Mandiant ⋅ Douglas Bienstock, Geoff Ackerman, John Wolfram, Rufus Brown, Van Ta
Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments
KEYPLUG Cobalt Strike LOWKEY

2022-03-08 ⋅ Twitter (@CyberJack42) ⋅ CyberJack
Tweet on ELFSHELF alias for KEYPLUG
KEYPLUG

2022-02-26 ⋅ Mandiant ⋅ Mandiant
TRENDING EVIL Q1 2022
KEYPLUG FAKEUPDATES GootLoader BazarBackdoor QakBot

There is no Yara-Signature yet.

KEYPLUG Propose Change

References

KEYPLUG