plugx | 55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74 | Triage

Submit
Reports

Overview

overview

Static

static

55bfe41ee6...74.exe

windows7-x64

55bfe41ee6...74.exe

windows10-2004-x64

Sharing

General

Target

55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74
Size

243KB
Sample

221205-xj4a2sad6x
MD5

c5684320e55824d99f009382dd0804df
SHA1

cd336b57d677db8fa60af8b6550e077efa7bb0fa
SHA256

55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74
SHA512

30925165742752137f0716d73bee5c0047456d4be269da74ff4b1e89b0edcd4b7a89d818bc8e4ec11b19c61ec2abc62cd6bab4bb7358caf2772f55a702a6020e
SSDEEP

6144:pLRA0S1lHhJNuTwU9l0OrDvxYDTdw4myOKNGVFp:p20S1XtqDZYDT9mjoGV

Score

10^/10

plugx trojan

Static task

static1

Behavioral task

behavioral1

Sample

55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74.exe

Resource

win7-20221111-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74
- Size
  
  243KB
- MD5
  
  c5684320e55824d99f009382dd0804df
- SHA1
  
  cd336b57d677db8fa60af8b6550e077efa7bb0fa
- SHA256
  
  55bfe41ee6e3783d3df72f9b42a69583a8c2c59dac8d1af7d70da1657fe09d74
- SHA512
  
  30925165742752137f0716d73bee5c0047456d4be269da74ff4b1e89b0edcd4b7a89d818bc8e4ec11b19c61ec2abc62cd6bab4bb7358caf2772f55a702a6020e
- SSDEEP
  
  6144:pLRA0S1lHhJNuTwU9l0OrDvxYDTdw4myOKNGVFp:p20S1XtqDZYDT9mjoGV
Score

10^/10

plugx trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy