General
-
Target
704c5fbb5766bca421e96cbfe0b4670a05fb2f09680983c2a681d45354d1421f
-
Size
1.8MB
-
Sample
220310-b2xqbsfdgr
-
MD5
66a22d6297647aa45056ce1410befd39
-
SHA1
05d13a6b47f13fa9e49e9bc95291562afa46c2a6
-
SHA256
704c5fbb5766bca421e96cbfe0b4670a05fb2f09680983c2a681d45354d1421f
-
SHA512
212efaa509f2e70c68236ce6a484ec43e804cdda902fc33c70b3e872061c56d2620c0ab164b74157c1d8cfe06a8fe0a89e67d5b84a48265329d08a9f524efda1
Static task
static1
Behavioral task
behavioral1
Sample
704c5fbb5766bca421e96cbfe0b4670a05fb2f09680983c2a681d45354d1421f.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
704c5fbb5766bca421e96cbfe0b4670a05fb2f09680983c2a681d45354d1421f.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Score
10/10
-
PlugX Rat Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Adds Run key to start application
-