General
-
Target
cb45e907b7c2d59131af818de81cb131c2fa41322ecbe334ed57d04032c6d0be
-
Size
11.0MB
-
Sample
220322-js8egabbaj
-
MD5
b9f0427d3abba1e34ef5ea267d056c18
-
SHA1
532dfbba953d9a6406c86137797be69896b1f412
-
SHA256
cb45e907b7c2d59131af818de81cb131c2fa41322ecbe334ed57d04032c6d0be
-
SHA512
6d1fed05772c88f9fb0e4b1d880af797b7f0c89d536ad5b3da9b4003b9861c48ff7c1c6b8f9898993f5c6d6cad6029654d6aa00020e9bd3a447dc1fa2056dd65
Malware Config
Targets
-
-
Target
cb45e907b7c2d59131af818de81cb131c2fa41322ecbe334ed57d04032c6d0be
-
Size
11.0MB
-
MD5
b9f0427d3abba1e34ef5ea267d056c18
-
SHA1
532dfbba953d9a6406c86137797be69896b1f412
-
SHA256
cb45e907b7c2d59131af818de81cb131c2fa41322ecbe334ed57d04032c6d0be
-
SHA512
6d1fed05772c88f9fb0e4b1d880af797b7f0c89d536ad5b3da9b4003b9861c48ff7c1c6b8f9898993f5c6d6cad6029654d6aa00020e9bd3a447dc1fa2056dd65
Score10/10-
PlugX
PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
-
PlugX Rat Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-