Hogfarming.7z

: Once the user extracts "HogFarming.7z", they find what appears to be a legitimate document or application.

: Government agencies, NGOs, and telecommunications sectors in Southeast Asia and Europe. HogFarming.7z

: Launching the primary file triggers the sideloading of a malicious component (often disguised as a library like MpsSvc.dll or similar). : Once the user extracts "HogFarming

: Analysis suggests the archive often carries variants of the PlugX or ToneIns malware. PlugX is a modular Remote Access Trojan (RAT) used for data exfiltration, keystroke logging, and remote command execution. : Once the user extracts "HogFarming.7z"

Security teams should monitor for the following indicators related to this specific file name and associated threat actor behavior: : HogFarming.7z