Overview

overview

10

Static

static

2a8d18a59c...f6.exe

windows7_x64

10

2a8d18a59c...f6.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2a8d18a59cd648637deb830079b460008d81411681f0eb41dc327c3f447326f6

  • Size

    248KB

  • Sample

    220615-fv9hrseecp

  • MD5

    cc7b091b94c4f0641b180417b017fec2

  • SHA1

    17c59c9bdc7ac4ef8abdca087fdfeefef816f597

  • SHA256

    2a8d18a59cd648637deb830079b460008d81411681f0eb41dc327c3f447326f6

  • SHA512

    5c5106833eec8cc386171ff519be0af91493305af9fd2bb632ef19907b88c1633bc7a1b30b068659db3fc8d378b918363c5d8c79064600e4b5f1a83cf93b2461

Score
10/10
plugxtrojan

Malware Config

Targets

    • Target

      2a8d18a59cd648637deb830079b460008d81411681f0eb41dc327c3f447326f6

    • Size

      248KB

    • MD5

      cc7b091b94c4f0641b180417b017fec2

    • SHA1

      17c59c9bdc7ac4ef8abdca087fdfeefef816f597

    • SHA256

      2a8d18a59cd648637deb830079b460008d81411681f0eb41dc327c3f447326f6

    • SHA512

      5c5106833eec8cc386171ff519be0af91493305af9fd2bb632ef19907b88c1633bc7a1b30b068659db3fc8d378b918363c5d8c79064600e4b5f1a83cf93b2461

    Score
    10/10
    plugxtrojan

    • Detects PlugX Payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks