plugx | ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34 | Triage

Submit
Reports

Overview

overview

Static

static

ea257be880...34.exe

windows7_x64

ea257be880...34.exe

windows10-2004_x64

Sharing

General

Target

ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34
Size

428KB
Sample

220625-v69p8sdgcl
MD5

50742b582157e9fc58924153a743110f
SHA1

04a0e43fd70ba637fc451499b36be5dedd6a8f54
SHA256

ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34
SHA512

5e823eddefba625f304234b8588186e2c1b43941739e460949a92a43db4f68f6fc19acff3bbe7066556f067c00eac25875efc92466a78e31e6c06f06e151d520

Score

10^/10

plugx trojan

Static task

static1

Behavioral task

behavioral1

Sample

ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34
- Size
  
  428KB
- MD5
  
  50742b582157e9fc58924153a743110f
- SHA1
  
  04a0e43fd70ba637fc451499b36be5dedd6a8f54
- SHA256
  
  ea257be88094028e9adf2422124491f2ab71c3359d54d5db0d2829de22e16b34
- SHA512
  
  5e823eddefba625f304234b8588186e2c1b43941739e460949a92a43db4f68f6fc19acff3bbe7066556f067c00eac25875efc92466a78e31e6c06f06e151d520
Score

10^/10

plugx trojan
- Detects PlugX Payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy