The recently discovered Mac Control cyber espionage tool used within an espionage campaign against Tibetan related NGOs and described by AlienVault probably draws on code available on the Chinese web. Searching for strings within the tool reveals the following function names(the below image linked from the Microsoft analysis).
A Google search of the Internet for the strings "ParseCMD" "NM_CMD_S" results in only 5 hits.
www.pudn.com/. The hit is for strings within the source code package shykVC.rar(size 1072 K) uploaded 2009-03-02 by 许凤(Xu Feng) and downloaded 425 times.
blog post by dmackey