A Chinese state sponsored threat actor known as Mustang Panda has been employing a technique to evade detection and maintain control over infected systems. How they do this is through the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization.