Resubmissions

05-12-2022 19:46

221205-ygyhfsdd5s 7

18-03-2022 13:00

220318-p8sxlshfg2 10

General

  • Target

    software_reporter_tool.exe

  • Size

    13.9MB

  • Sample

    220318-p8sxlshfg2

  • MD5

    3dcd45838971b3e51d01e62c09d36e08

  • SHA1

    9884fc2f1ed03043d5a6aa5f59625b7a0cad4c2a

  • SHA256

    d7081c02c19718ed94ef3154ede0d045c50ba7d9e7653b7b5c589ac1a0b36f81

  • SHA512

    6e2b5e3b75bd872bd01c6b8feaea76aea733f75320e4b88877ef1aae061d37ac0de82943502c2c575f67dcd77961bba506d5f16489bd33b8aa621e472fe648fa

Score
10/10

Targets

    • Target

      software_reporter_tool.exe

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

    • PlugX Rat Payload

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
