General
-
Target
806b6bdbd08ad3ce6ef80e98af391220a71b4a69169c159e582067df46a26204
-
Size
324KB
-
Sample
221201-j4rwvsde8s
-
MD5
510373e64ab11602490e0e5eb36ef4d1
-
SHA1
284e402d86e35a510e428bd6dc990e1d6d87a8bc
-
SHA256
806b6bdbd08ad3ce6ef80e98af391220a71b4a69169c159e582067df46a26204
-
SHA512
30f536eeccc1200bf69f3adef6214387a17c919f332ca120b56e1d20dfd9e996c4aaa38f4d593ee7d25e05f8add7b17ea02922e3d4ac59403ab1d574c76345ff
-
SSDEEP
6144:xzAFVteZhTDb2WzbxEvk69q6CC4KEqU/G0VmyhNz+0dfpnXh:CfeqAxEvl9j34KEqcG02sRh
Malware Config
Targets
-
-
Target
806b6bdbd08ad3ce6ef80e98af391220a71b4a69169c159e582067df46a26204
-
Size
324KB
-
MD5
510373e64ab11602490e0e5eb36ef4d1
-
SHA1
284e402d86e35a510e428bd6dc990e1d6d87a8bc
-
SHA256
806b6bdbd08ad3ce6ef80e98af391220a71b4a69169c159e582067df46a26204
-
SHA512
30f536eeccc1200bf69f3adef6214387a17c919f332ca120b56e1d20dfd9e996c4aaa38f4d593ee7d25e05f8add7b17ea02922e3d4ac59403ab1d574c76345ff
-
SSDEEP
6144:xzAFVteZhTDb2WzbxEvk69q6CC4KEqU/G0VmyhNz+0dfpnXh:CfeqAxEvl9j34KEqcG02sRh
Score10/10-
Detects PlugX payload
-
PlugX
PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Loads dropped DLL
-