plugx | fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26 | Triage

Submit
Reports

Overview

overview

Static

static

fadede77c6...26.exe

windows7-x64

fadede77c6...26.exe

windows10-2004-x64

Sharing

General

Target

fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26
Size

244KB
Sample

221130-3yb31afh47
MD5

6b7f62c10ee3cf825fb13f025d098c68
SHA1

a02aa5f30090f23e5e8fbd3bc1232058cd8d9490
SHA256

fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26
SHA512

d1d11956d1bab0f17be184872e0ab20cb100cdf1594b6f0ae2d286e6c217410e20fc92f15a06714b4b6c41e3b6165eb60ecc7301fb7596a0456e3e3a8e8664e6
SSDEEP

6144:Yu2urzh9xu/XkaudPdVJI1G/YA0xPl4aX5D8owFA9jES:Yutrzh9xOXkJdIQ/EX44JU61

Score

10^/10

plugx trojan

Static task

static1

Behavioral task

behavioral1

Sample

fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26.exe

Resource

win7-20221111-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26
- Size
  
  244KB
- MD5
  
  6b7f62c10ee3cf825fb13f025d098c68
- SHA1
  
  a02aa5f30090f23e5e8fbd3bc1232058cd8d9490
- SHA256
  
  fadede77c634e440187aaf67f38e0dc457d06a4674ecede40cdb1c27fd6eec26
- SHA512
  
  d1d11956d1bab0f17be184872e0ab20cb100cdf1594b6f0ae2d286e6c217410e20fc92f15a06714b4b6c41e3b6165eb60ecc7301fb7596a0456e3e3a8e8664e6
- SSDEEP
  
  6144:Yu2urzh9xu/XkaudPdVJI1G/YA0xPl4aX5D8owFA9jES:Yutrzh9xOXkJdIQ/EX44JU61
Score

10^/10

plugx trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy