Infosecurity-magazine.com28 天
Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions
Microsoft Application Virtualization Injector (MAVInject.exe) is used to inject Mustang Panda’s payload into waitfor.exe. This is a Windows utility that is used to send or wait for signals between ...
Bleeping Computer27 天
Chinese hackers abuse Microsoft APP-v tool to evade antivirus
When ESET antivirus products are detected (ekrn.exe or egui.exe) on a compromised machine, Mustang Panda employs a unique evasion mechanism exploiting tools pre-installed on Windows 10 and later.