plugx | 21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d | Triage

Submit
Reports

Overview

overview

Static

static

21cb6abb7e...6d.exe

windows7-x64

21cb6abb7e...6d.exe

windows10-2004-x64

Sharing

General

Target

21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d
Size

227KB
Sample

221106-m39xtsahfn
MD5

14df7bc4d0778cd7b039ef890d5f0150
SHA1

07172e6e7f513163349ddfe19e5e3e77b4253316
SHA256

21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d
SHA512

54834e1de1758d097c39e777cfb9faad5dcc99f94accbbd626b3f4cba91265e8857e151d060d4cbf1c46d6decfd79b73a766ec9a7eeb6b9b5fe6d05aa7bdd216
SSDEEP

3072:QLnJE0ewnIvRzP1+ttt4Xiibl26wAXvR5g9QC8Qvqwe+P1MAPA8cquwJth/gRp:QLnvip83y27Apa9588jP1lI8HuwHh

Score

10^/10

plugx trojan

Static task

static1

Behavioral task

behavioral1

Sample

21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d.exe

Resource

win7-20220901-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d
- Size
  
  227KB
- MD5
  
  14df7bc4d0778cd7b039ef890d5f0150
- SHA1
  
  07172e6e7f513163349ddfe19e5e3e77b4253316
- SHA256
  
  21cb6abb7e688a3bd2dc7e0313d17fd095c4314639c489040a3b164784d59f6d
- SHA512
  
  54834e1de1758d097c39e777cfb9faad5dcc99f94accbbd626b3f4cba91265e8857e151d060d4cbf1c46d6decfd79b73a766ec9a7eeb6b9b5fe6d05aa7bdd216
- SSDEEP
  
  3072:QLnJE0ewnIvRzP1+ttt4Xiibl26wAXvR5g9QC8Qvqwe+P1MAPA8cquwJth/gRp:QLnvip83y27Apa9588jP1lI8HuwHh
Score

10^/10

plugx trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy