PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10)

PlugX is a remote access tool (RAT) with modular plugins that has been used by multiple threat groups.[Lastline PlugX Analysis][FireEye Clandestine Fox Part 2][New DragonOK][Dell TG-3390]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| TA459 (e343c1f1-458c-467b-bc4a-c1b97b2127e3) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| menuPass (fb93231d-2ae4-45da-9dea-4c372a11f322) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9) | Tidal Groups | 1 |
| Higaisa (f1477581-d485-403f-a95f-c56bf88c5d1e) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| APT20 (4173c301-0307-458d-89dd-2583e94247ec) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| GALLIUM (15ff1ce0-44f0-4f1d-a4ef-83444570e572) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| Axiom (90f4d3f9-3fe3-4a64-8dc1-172c6d037dca) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| APT3 (9da726e6-af02-49b8-8ebe-7ea4235513c9) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| LuminousMoth (b10aa4c0-10a1-5e08-8d9d-82ce95d45e6a) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| Threat Group-3390 (79be2f31-5626-425e-844c-fd9c99e38fe5) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| Mustang Panda (4a4641b1-7686-49da-8d83-00d8013f4b47) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| DragonOK (f2c2db08-624c-46b9-b7ed-b22c21b81813) | Tidal Groups | PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | 1 |
| PlugX (070b56f4-7810-4dad-b85f-bdfce9c08c10) | Tidal Software | Winnti Group (6932662a-53a7-4e43-877f-6e940e2d744b) | Tidal Groups | 1 |