General

  • Target

    t.zip

  • Size

    264KB

  • Sample

    230215-rem6dabh2x

  • MD5

    3c3458fa987a02e8828ba3be85ecfb25

  • SHA1

    8644748ea6189430b334bf6816e5ba01ea2c74de

  • SHA256

    721ff308a706259c674adbd7c1606f5d5636674dc372ab739f1224e0be06184a

  • SHA512

    e642de12271a7d69c4ddbfe5f960831d7ab65d0ed20b68bd810d25777817a945f06a67aca067734b900b4da9fc6237d7a9fce880bce2b3387c561bd5367ce1f3

  • SSDEEP

    6144:/OZ9JTnmx8HSipHM7sQVNHaBcjjPPy/kAWB6C9ogmWrmSjOGAHaEhen:mZ9J6xVlVNHOKDPKkAKogvrQGgaEy

Score
10/10

Malware Config

Targets

    • Target

      t/SmadHook32.dll

    • Size

      70KB

    • MD5

      e1ed9b48016d43398cdf62a61c9b113d

    • SHA1

      b8e7183fba57ca867393ea4edf62fe60d1549c94

    • SHA256

      2e0b20fd34c70ec0566cb6e0852520fbab9452e3cb7aad8299ae841ac71733cf

    • SHA512

      4b5fd58c0d6a59d710d80f0bec216ba19d9e52c1516d799a991995bd7a9f6e45667f924ef7b7320773881d521a1059bb8a2686e1324ed8083c10ca68e1f48714

    • SSDEEP

      1536:24Hd4iaPI1/zhAP6YtnogaDc8zvsWjcdS78a:czw1/zeMzQSX

    Score
    1/10

    • Target

      t/Smadav.exe

    • Size

      77KB

    • MD5

      b830cd1b49bd31bcdb6192c20cf0b141

    • SHA1

      b9629fdd735956772e9a3ceedcdb829bba6f8a43

    • SHA256

      21d34a02ec28e9bd6f7b2f96ac7921f5ef08d291416b38a3fc8cf651f11fc820

    • SHA512

      0ffef5b2681e57d3586b878bbf174a667423cd30e75a7f4ef60910922b2f9e3e02af309a7c3f15b70a42b747445513df43ce651dcb85bec7b94bfed6a7704ccd

    • SSDEEP

      1536:NF81hiRzGLSNegJYJoUP8MXTi9Xtr835XoR66E:NFsGGLalYJoDDx835XoRe

    Score
    10/10

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Target

      t/setupres.dll

    • Size

      75KB

    • MD5

      f1f9e9bd62292768f433c4f894eadb58

    • SHA1

      835aac8aa29b747cd90d44b9fef5683bf0f1f6d9

    • SHA256

      7863ad82f7e1c036e48e928433932177a14670033028b42f44dafeacb40a86a9

    • SHA512

      e59b908e54d162abc2aa2d814b71d1ff62a4d2105d2f22df8e8371b760111de30ca6e4f77e14ccbc2ec49eba3ff1013d023edb9f72c89bada17eaf4558ca669c

    • SSDEEP

      1536:71z1GbzJ50O6ZTVATfXqKtyoR5Lc+CQYsWjcdx6my+F:7tUvyAXqSdo6

    Score
    1/10

MITRE ATT&CK Matrix

Tasks