1. Executive Summary
At VinCSS, I recently wrote an analysis of samples related to the Mustang Panda (PlugX) group. These samples were all uploaded from Vietnam. You can read the Vietnamese or English blog post of this analysis.
However, among all the uploaded log.dll files, there is one file that is not related to the Mustang Panda group’s attack technique; it is marked in the following picture: