Operation Dragon Castling is yet another campaign by a Chinese-speaking APT group targeting betting companies in Southeast Asian countries. One of the malicious files used in this campaign is the MulCom backdoor that is believed to be loaded by a malicious file, CorePlugin. The researchers have spotted notable code similarities between the MulCom backdoor and FFRat malware samples.