General

  • Target: f92423862cafe75535d33bbd79460b52f1882aee4df8925d4dfd4c1a7d20325f
  • Size: 425KB
  • Sample: 221207-mwd7ksch3t
  • MD5: cf98f01911d6d3f7c178840266a31829
  • SHA1: 2caa8db3df451cfdfbd5520c3517f6219885c307
  • SHA256: f92423862cafe75535d33bbd79460b52f1882aee4df8925d4dfd4c1a7d20325f
  • SHA512: 9c47aa0a30e43eb8535bb48d8b268dbebe596ae26395e311de8a476257992cb4b2933f3a4d0a10cc3dd3fa248383492cd5bbaad82785dd4d3b2ef700c954f550
  • SSDEEP: 12288:ZK2mhAMJ/cPl1mJmZbWS8TCuflvFUeXc1DB3Z1enHojuDQQMAc:Y2O/Gl1mCyS6CiPexZ1enHo6DQQg

Score
10/10

Malware Config

Targets

    • Detects PlugX payload
    • PlugX: PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
    • Executes dropped EXE
    • Checks computer location settings: looks up the country code configured in the registry, likely for geofencing.
    • Deletes itself
    • Loads dropped DLL
    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery
    • Query Registry (T1012): 1
    • System Information Discovery (T1082): 2
