plugx | 8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6 | Triage

Submit
Reports

Overview

overview

Static

static

8c5659b211...f6.exe

windows7-x64

8c5659b211...f6.exe

windows10-2004-x64

Sharing

General

Target

8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6
Size

243KB
Sample

221130-3yetwsbc9w
MD5

50351229f9f28a44d2a1e947e0c752f9
SHA1

47440b25d4a5229ed3b176c58c073c432c0b8eb3
SHA256

8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6
SHA512

dfb9d230f60615f4ff16cc86d9f758305a66a1eb63abc91a61c6a2cfd339f2227a181ef057193b347f34dbe373b5d0237d9ca21aaa7209bca3e2b32daf18ac71
SSDEEP

6144:pLRA0S1lHhJNuTB9U9l0OrDvxYDTdw4myOKNGVFp:p20S1XU9qDZYDT9mjoGV

Score

10^/10

plugx trojan

Static task

static1

Behavioral task

behavioral1

Sample

8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6
- Size
  
  243KB
- MD5
  
  50351229f9f28a44d2a1e947e0c752f9
- SHA1
  
  47440b25d4a5229ed3b176c58c073c432c0b8eb3
- SHA256
  
  8c5659b211edfb6fa704b7db0ef8f86d5079c9abf3e0d26c0ea2c30c67cee5f6
- SHA512
  
  dfb9d230f60615f4ff16cc86d9f758305a66a1eb63abc91a61c6a2cfd339f2227a181ef057193b347f34dbe373b5d0237d9ca21aaa7209bca3e2b32daf18ac71
- SSDEEP
  
  6144:pLRA0S1lHhJNuTB9U9l0OrDvxYDTdw4myOKNGVFp:p20S1XU9qDZYDT9mjoGV
Score

10^/10

plugx trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy