The malware modifies registry keys or creates scheduled tasks to ensure it remains active after system reboots.

Once the user extracts "HogFarming.7z", they find what appears to be a legitimate document or application.

Analysis suggests the archive often carries variants of the PlugX or ToneIns malware. PlugX is a modular Remote Access Trojan (RAT) used for data exfiltration, keystroke logging, and remote command execution.