A China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks. Researchers from Palo Alto Networks tracked the new version of the PlugX malware as Thor. The new variant spotted by Palo Alto researchers includes a change to its core source code, vxers replaced its trademark word PLUG to THOR The earliest THOR sample that was spotted by the experts is dated back to August 2019.”]
Source: https://securityaffairs.co/wordpress/120636/malware/chinese-cyberspies-thor-rat.html