Overview

overview

10

Static

static

90a5c1c5dc...84.exe

windows7_x64

10

90a5c1c5dc...84.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    90a5c1c5dc2278063478fbc8f2ac072ccf0489d7b3f81a6ed35b7d712b4b7b84

  • Size

    225KB

  • Sample

    220528-c72f5sdha2

  • MD5

    c116cd083284cc599c024c3479ca9b70

  • SHA1

    bf831962162a0446454e3e32d764cc0e5daafde0

  • SHA256

    90a5c1c5dc2278063478fbc8f2ac072ccf0489d7b3f81a6ed35b7d712b4b7b84

  • SHA512

    d89ac7d971e46ee67f6857a71d3712205d28170320386a83d9cdbda97d270626cf2a0e91e0b866d368c65eb3e47766c20c07a2baeb51feb3fe7b8d98d848e560

Score
10/10
plugxtrojan

Malware Config

Targets

    • Target

      90a5c1c5dc2278063478fbc8f2ac072ccf0489d7b3f81a6ed35b7d712b4b7b84

    • Size

      225KB

    • MD5

      c116cd083284cc599c024c3479ca9b70

    • SHA1

      bf831962162a0446454e3e32d764cc0e5daafde0

    • SHA256

      90a5c1c5dc2278063478fbc8f2ac072ccf0489d7b3f81a6ed35b7d712b4b7b84

    • SHA512

      d89ac7d971e46ee67f6857a71d3712205d28170320386a83d9cdbda97d270626cf2a0e91e0b866d368c65eb3e47766c20c07a2baeb51feb3fe7b8d98d848e560

    Score
    10/10
    plugxtrojan

    • Detects PlugX Payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks