Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 22:02:46 UTC
Home > List all groups > List all tools > List all groups using tool Protux
 Tool: Protux
Names Protux
Category Malware
Type Backdoor
Description
(Trend Micro) Protux, a known backdoor, is executed by abusing the rundll32 dynamic-link library (DLL). It tests the host’s network, retrieves the C&C server from another
blog, and uses the RSA algorithm to generate the session key and send information to the
C&C server.
Information
AlienVault OTX Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool Protux
Changed Name Country Observed
APT groups
 Blackgear 2018-Jul 2018
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=29ff8d7b-f399-4ef8-b8de-e9fa6bcd8cc0
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=29ff8d7b-f399-4ef8-b8de-e9fa6bcd8cc0
Page 1 of 1