plugx | 099f63ed88e191e9222b5cc93f4b43b07414ad82662d3de8184a5707e91e40c8 | Triage

Submit
Reports

Overview

overview

Static

static

msvvcs/msvvcs.exe

windows7_x64

msvvcs/msvvcs.exe

windows10-2004_x64

Sharing

General

Target

099f63ed88e191e9222b5cc93f4b43b07414ad82662d3de8184a5707e91e40c8
Size

106KB
Sample

220530-wjbqcsebc5
MD5

3cb656a74860f7d0c1e0d39599cacb6c
SHA1

4e58f6b1f921ffc4b726096b18e5a4d7f4b21981
SHA256

099f63ed88e191e9222b5cc93f4b43b07414ad82662d3de8184a5707e91e40c8
SHA512

b1e6d7d36939ba334f4ab697510137af3fb2910ea5d9f11fcdd40235ffa7d657fb47c0af23c7e9b6d09a57a5f6d973989e3d7672d6c235736b5f4c6acfe48309

Score

10^/10

plugx trojan

Static task

static1

Behavioral task

behavioral1

Sample

msvvcs/msvvcs.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

msvvcs/msvvcs.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  msvvcs/msvvcs.exe
- Size
  
  36KB
- MD5
  
  5ad9c956883633298c8e435d90d8394c
- SHA1
  
  d666343073acf7b97884bff37b2a902a78901b07
- SHA256
  
  b364c54bb671c0979964e13bf429ba4b128f0d3534d0b9c8de4958f2f37b93d4
- SHA512
  
  9def3c08808addcc232aabe6594297ddf25953e3002c44170387fcda942c26e83de87bda509d85dd4bdf6fc741172c0d27789a55efa5c41d171ab9205ba70882
Score

10^/10

plugx trojan
- Detects Talisman variant of PlugX
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy