plugx | 3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b | Triage

Submit
Reports

Overview

overview

Static

static

8

3bca199764...b.xlsm

windows7_x64

3bca199764...b.xlsm

windows10-2004_x64

Sharing

General

Target

3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b
Size

1.6MB
Sample

220329-3e4znsghcm
MD5

5fab2a427175d69f010acfd2caff68b0
SHA1

69657f55e9fdc505a3681c4e5df680aecb89a780
SHA256

3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b
SHA512

1cf9b4ee4fb60906198e18a182bce4622bd6c5bef8ef32bedb38442c75c7966cc5ba705730dc3f3cc07dfb4cf60f9b7e70daa3c6975cca8cd405f4ac84e666ad

Score

10^/10

plugx macro trojan

Static task

static1

Behavioral task

behavioral1

Sample

3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b.xlsm

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b.xlsm

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b
- Size
  
  1.6MB
- MD5
  
  5fab2a427175d69f010acfd2caff68b0
- SHA1
  
  69657f55e9fdc505a3681c4e5df680aecb89a780
- SHA256
  
  3bca1997648eb70fd53abcfd9f5b1880b58daea9aa4c8b434790ebb81ace182b
- SHA512
  
  1cf9b4ee4fb60906198e18a182bce4622bd6c5bef8ef32bedb38442c75c7966cc5ba705730dc3f3cc07dfb4cf60f9b7e70daa3c6975cca8cd405f4ac84e666ad
Score

10^/10

plugx trojan
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- PlugX Rat Payload
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Executes dropped EXE
- Loads dropped DLL
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy