plugx | 6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9 | Triage

Submit
Reports

Overview

overview

Static

static

8

6e4513d1bc...9.xlsm

windows7_x64

6e4513d1bc...9.xlsm

windows10-2004_x64

Sharing

General

Target

6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9
Size

1.6MB
Sample

220329-3ewy3acfg9
MD5

d9c0d4a7bbb8ec67b195daa158f04f5f
SHA1

ffcfeca98f3aeb343bba753cd3d84f1770b7665e
SHA256

6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9
SHA512

421f6ddda2c26ba8434cde9a9c8337b8dc88c3d8be378b0f56d1f9bb8ef3e675e3f4b2a8a03f5f6df6dd2b039a0beed1791a1e8c5c35adb7c926b433d597f228

Score

10^/10

plugx macro trojan

Static task

static1

Behavioral task

behavioral1

Sample

6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9.xlsm

Resource

win7-20220310-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9.xlsm

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9
- Size
  
  1.6MB
- MD5
  
  d9c0d4a7bbb8ec67b195daa158f04f5f
- SHA1
  
  ffcfeca98f3aeb343bba753cd3d84f1770b7665e
- SHA256
  
  6e4513d1bc45644004b84e3a4bfc027b428bea3484ceaaa7489778fa9f7a88c9
- SHA512
  
  421f6ddda2c26ba8434cde9a9c8337b8dc88c3d8be378b0f56d1f9bb8ef3e675e3f4b2a8a03f5f6df6dd2b039a0beed1791a1e8c5c35adb7c926b433d597f228
Score

10^/10

plugx trojan
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- PlugX Rat Payload
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Executes dropped EXE
- Loads dropped DLL
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy