Threats Tagged 'g data antivirus'
View all threats tagged with 'g data antivirus'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'g data antivirus'
Click on any threat for detailed analysis and mitigation recommendations
PlugX Meeting Invitation via MSBuild and GDATA 0 A recent PlugX campaign utilized phishing emails with a 'Meeting Invitation' lure to deploy malware through DLL side-loading. The infection chain begins with a zip file containing a malicious .csproj file and MSBuild executable. The .csproj file downloads three components: a legitimate G DATA Antivirus executable, a malicious Avk.dll (PlugX variant), and an encrypted AVKTray.dat file. The malware uses DLL side-loading, API hashing, and XOR encryption for obfuscation. It establishes persistence via the Run registry key and communicates with a command and control server. The campaign showcases PlugX's continued evolution while maintaining its core characteristics, highlighting its ongoing relevance in cyber-espionage operations. Join the discussion | AlienVault OTX General | 03/01/2026, 05:26:46 UTC Added: 03/02/2026, 11:55:31 UTC |
Showing 1 to 1 of 1 result