plugx | a5472bb2e9ed011596aeda9be8cb8fea3bbf6b1299bff525fd3179bd7ef20eb0

Sharing

Copy URL

Twitter E-mail

General

Target

ryujinx-1.1.417-win_x64.zip
Size

43.9MB
Sample

230308-tnh9wsea23
MD5

c54ccbe20d86026db937aefd01e8efc2
SHA1

74a942e601dca84b07044e98b832436f33f62774
SHA256

a5472bb2e9ed011596aeda9be8cb8fea3bbf6b1299bff525fd3179bd7ef20eb0
SHA512

972655ee84cb08b3df95149a18fe4bf549c56976dd3554eda91e9a0dc669437e2168e2f627cbc987cd93ca463c036c2647fefdfff24a83e950731e60250105a2
SSDEEP

786432:CFASNhmwdGxmw0jqMesVnyWvDpCwHMWC+VM8d8eKN4FJu3Nx:e3hdOqjNe2yWLMwBDMOHi5

Score

10^/10

plugx

Malware Config

Targets

- Target
  
  publish/OpenAL32.dll
- Size
  
  1.7MB
- MD5
  
  ff08ba3a9dfe6bd0b26f9055094c9550
- SHA1
  
  2dd9130b6dd4c49864635b1b7cc4a93ebcdd5e17
- SHA256
  
  5a42440a18a75ce588659158d74d26ab1850eabd34f3b25abd969a56d871db42
- SHA512
  
  db7eba84f7545740bc267298fbdcb70bcc820e5b7f1b2a38a5e0396d2c5da62715f5338f52025477a5bd0160389f1e27e12370a7829c8070d430d7838494b9dc
- SSDEEP
  
  24576:Vp4Z+cv92VrcRfw5K89ISay/D1IkYl57p+KGoq9gHvfnj/pC:VDARY5t9gy/D1ItHaiPP
Score

1^/10
behavioral1 behavioral2
- Target
  
  publish/Ryujinx.SDL2.Common.dll.config
- Size
  
  244B
- MD5
  
  2d175f1dad5afd5ff46691db53d9459a
- SHA1
  
  1b220dfd4badb4fe6d0f0cf839c76cced2f6e47e
- SHA256
  
  ccb8d75668d09da1d56153fef48e62de2ef3c6248cfb1b98169c4d94eac77ceb
- SHA512
  
  757e52f3badec151f3abc3da15ef446d6731fff62d2686b5e0f6455c6a823693a011bbd50b5fae35dc70e076ab7db908689778b94dcd1566c4f007001cb29c0b
Score

1^/10
behavioral3 behavioral4
- Target
  
  publish/Ryujinx.exe
- Size
  
  46.2MB
- MD5
  
  8a7310b8cf2e7dddc30ac9f4fb9063d5
- SHA1
  
  a75b7dec7f877db88c5dc4307e7c0248ee281ef7
- SHA256
  
  015bd070fd2233bd5569dae244d0424bc56fe9b61c908683d062a3d69afa5491
- SHA512
  
  56df5b7d6aabd9df6e56e85c4bf8c9468d99a50ba037a3792fcb8f81824049e25b6c08a4cad520d04906362d3b4c65a7a5bf732b3e5f852105ee1383f65d75fd
- SSDEEP
  
  196608:HCJfrFyrm3hgLYAVuSnGnhOL0B3s4VuaXemGMtS6pzNWBLjkej3XkCJeLa7VbVTu:i9rYq3hg8ThKSfMlj4LQTbyMyzUO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  publish/SDL2.dll
- Size
  
  1.6MB
- MD5
  
  cca534488e13e852c851ca4a4fe3da39
- SHA1
  
  0345c301ed65def530611349bef04f8de414c541
- SHA256
  
  63ae677c3a55c3fd95d70cfa7793e8ee0f4f484a41eeeeefe402017aa1152851
- SHA512
  
  152a32bd9c28607f63323530802c8e3a9cdc2693ef163edb46296683721287d6a19e1fb918e786d1482808f30b451b1418f9f2741d07afcd87ff023b283cce04
- SSDEEP
  
  24576:afwctSMa2hd+Y4ByV85HaKRaQy5lcv4VXa2b/KXgx18u4iq9hzp2So:I1tNhd+HByV8563cv4Ram/KXgx18u4h
Score

1^/10
behavioral7 behavioral8
- Target
  
  publish/avcodec-59.dll
- Size
  
  1.9MB
- MD5
  
  8b486292a8967deea63c22fd93008946
- SHA1
  
  0b4ec34716c700ac3d8fd3952b56d779f823bc2b
- SHA256
  
  ea590297cdbc9ed9730c92f6cfeb5b1699128c022fce3b449dde7216c645c508
- SHA512
  
  3aee206059218f1877ec8d3c7185eac019daae7cd3e60a5e121c23d536cb3278a2f2ed06cf59cdf7bf1e3590e0d2d6998717da8b8bb78a5f0a15e1555e915970
- SSDEEP
  
  24576:EAzWTQGJKf13OpVCJTn+9nqIZ3ROGU8MUn3/2Sjt35KAZNIsR1++gz:EjTegVCw9qjSjpGsRn
Score

1^/10
behavioral10 behavioral9
- Target
  
  publish/avutil-57.dll
- Size
  
  753KB
- MD5
  
  8b008b755be4c74179a165a6e04c6915
- SHA1
  
  077bec5c727b055e0fab8756c799317b68cd81e3
- SHA256
  
  478cdbadda5bb02f56f358f6076cfbdaad0be507c3537be994fc2d7b23c6b9d0
- SHA512
  
  ef5f4fec59ba58f44b31af552d3da509f394c1e37a68c036ccf71e341f76a0458ec9b7cda31a03f46ae6e339ba416a9248e94ff9a871953b9a16f9db387bb1c8
- SSDEEP
  
  12288:QydN3cD2FdjPMUbmExk97ZU1M+2sHoxhj1KSKL9ZGaW3iSX:QydN3RmEguQsHoL1KLg
Score

3^/10
behavioral11 behavioral12
- Target
  
  publish/bin/libatk-1.0-0.dll
- Size
  
  136KB
- MD5
  
  ce9ab2defa6d7a584152a54108c30bfc
- SHA1
  
  8b221ad2c5c428c0b73b30f9fbebd1a99186c8f1
- SHA256
  
  2a80279b8dbeec1bb9b4121ccd4801034599184dab1c9166d5a29df1fd819df9
- SHA512
  
  10a9d8e4ad9d120260273f70c2a820c10429cff86ba770ffe1cb0f57097175e1367c52b7f7a97ac29e62b09f08a2799f3c43faf9df25dd44d39fed44b25ecd89
- SSDEEP
  
  1536:lQ/IMw1Tk3vQeJEMq8iMjIV9WBmF/9yjr7YrDn8KBBIxpRu63GQsU9jDQn7BmCoU:6ETWvrEMq8iMjIfKjArDnP0EzUxDGMvU
Score

3^/10
behavioral13 behavioral14
- Target
  
  publish/bin/libbz2-1.dll
- Size
  
  72KB
- MD5
  
  ab0e3427ea209d61ab6b08617c99b47c
- SHA1
  
  65002276e4e14ac067c78cd9fac498454fca2c02
- SHA256
  
  cde82b78524ba83ba94743417883e03e3311713ac0af87b50f5bc0335c5b77b6
- SHA512
  
  e45585c7945e30b8a3095e756652c0ab98367196d82f54d4384438bcad5b62b22b66a5f4f9ba246117cdd0d69b466aceb27873d7b44d55902e27cbebe898d016
- SSDEEP
  
  768:4Vf3UyszRfpZwMVKC2AfFBqs65nZNcF3kFOh9Q8y4mWaIN23AVrQPxx5Ttx:euRfpCMVKBAfO5nQF3uyez4mVQ84ex
Score

3^/10
behavioral15 behavioral16
- Target
  
  publish/bin/libcairo-2.dll
- Size
  
  991KB
- MD5
  
  011adbf1bcf6ecf533b429ab3a06cb4f
- SHA1
  
  cc3acdcec4103e3e9bb85c1814c17704b95862db
- SHA256
  
  751c93bc9e36ee73f30d24c13729afa1e8ceb6527706b2bd23df363dd5830304
- SHA512
  
  5fa08f6b4f276fadd1a0c3b95186a46ed57ddc9d1fc4f819fa4e3845d26c58b322943f8beabd11f118b6612a202857427499ac6469b491f2dd53541a0c117db2
- SSDEEP
  
  24576:90614pb4CZNZuZ5uCkFnWXPiJ0iEmsCn3UxMTfzLz:90M4pUCTZubuIXe0iEmsCnNTfzLz
Score

3^/10
behavioral17 behavioral18
- Target
  
  publish/bin/libcairo-gobject-2.dll
- Size
  
  36KB
- MD5
  
  84ab5fe7810c4cd4666971dcc8f102ad
- SHA1
  
  617720249bc7fa4c47ac849753d120c46b071ec5
- SHA256
  
  d198fdf7ca71b5d14af6d2da04c28ced9228b5158d9136656a96958b675c852e
- SHA512
  
  e844dfb7a5be66929514723e66844aa13221fa104489f2877349d099f7e38ba4290ffb1984a2db9a402e73162d8a279f2ba943fbbf73a3a73f38a902559f48ae
- SSDEEP
  
  384:y+BjEb5uJt4qunsZrtiOvUOxxeBDLi5RPdfEq06EG/EAL6AaJ7:TAIJzun4dxeM1F0RG/EXV
Score

1^/10
behavioral19 behavioral20
- Target
  
  publish/bin/libcroco-0.6-3.dll
- Size
  
  237KB
- MD5
  
  b481ed028dc922313ae96606f4ac3d9c
- SHA1
  
  32cf5c65bc3e67e05cd4ecd6579ba1cb6de4c728
- SHA256
  
  736524dd0b26a566c60965850a82d341dc7af61c150fee3f9a4e73dd4ba96b66
- SHA512
  
  9b5a779992263cf81680560dcc01a85c5e45a20faf8fdee3adff967e656ab84bdd033e539e1123745504855d4405cd0e0a06257f478c2acf6ce64c58b2db74d3
- SSDEEP
  
  3072:aff7k9QBQWwMAnkk7SmddFP8rfHA8pYvNm7pN0A8fCcKni9GtzxiVAkfWLFMMKSz:affVVfJk7SyKfHOquYMFbzSiI
Score

3^/10
behavioral21 behavioral22
- Target
  
  publish/bin/libdatrie-1.dll
- Size
  
  35KB
- MD5
  
  8a54723090530190eb11afcd5b702b1b
- SHA1
  
  dfa923ec796a754bd21c4f9e504305848a4cb1b2
- SHA256
  
  738f67f45faa07cc387baf390604ee4ce709cbe7c223d9a043ee06f7cb360d5b
- SHA512
  
  e0d310458c8259112e07b153edc86fdff29e1b09648fed8d163d44deb3bee1545e7ad37bb00e9255df6514844b21a829750848da42f85fa77bef376ce09750cf
- SSDEEP
  
  768:Hm5z53y6m/LHlM6GnPGUvMrsztd/sLLhF3VI:a53y6Gy6GuU5d/OhF3G
Score

3^/10
behavioral23 behavioral24
- Target
  
  publish/bin/libepoxy-0.dll
- Size
  
  1.6MB
- MD5
  
  96b7141337918d13864ed73c19e72cdc
- SHA1
  
  941a19ebac742b46fef5cae1dadb28a711b89840
- SHA256
  
  0555975567f1f9bf314202454c8bc2fcff8dd52a3060d70792f9705b35eff602
- SHA512
  
  0b505cdf23f6e604c63ee879b9acfd2ce11613ad7728967ebbed4a96358a92d7ecc18c8c0b526fe1cc0f8254e5009cb6f921d2149cc705b0aa1b99e340ac0065
- SSDEEP
  
  24576:EofAW4zUli3/4T6IVY60ZfFaSJuoYYT2U4x:EofA4iHF6UfISJtY+Jk
Score

1^/10
behavioral25 behavioral26
- Target
  
  publish/bin/libexpat-1.dll
- Size
  
  248KB
- MD5
  
  c1323b5df48fdf9e3bf2f96625ee9408
- SHA1
  
  515d1c49fc4ace8a9d058d1b631c3193345b1708
- SHA256
  
  582e9c53f5ed594c80f5013ead3eacabe126316595063bb1976a5d5d52f0f0a0
- SHA512
  
  a0f28fd719b2bfbfb566d186553be4f6a0e5ad8cd36e8f219be4f7f255f5a59bc8320f12de3f9ebc62ec8020f060617d1e13ccc162d219e9f4386b3a3c2bca6e
- SSDEEP
  
  3072:iFNEx+eMFTJXFLfS1U3+LcyAfIwv0TEeiMkmxBBBBBBcWFppuoc/lF3C8:kBRfS1U3+LY6jEOBBBBBBcWMoc/lF3C8
Score

3^/10
behavioral27 behavioral28
- Target
  
  publish/bin/libffi-6.dll
- Size
  
  33KB
- MD5
  
  835b9252cf84aa654459ee3b7d07e824
- SHA1
  
  89bd2b8cf4bebfc08a660520253ae097ba40d2f6
- SHA256
  
  077ed959cd9ab1bf8f9e2ed248a0cb6492a18fd2ba283f52896125412ead121d
- SHA512
  
  19d60efb0ed2c73707396627f95d46c7d2a42855a58f0a29d5ce2c9b143c4297ff02d96b83761bdfe3045a1b4ffa6351275760920353c3bdd0829eaef07f8cf5
- SSDEEP
  
  768:qDkNG8FQBQVlnfilN1SBmnKAl4444444444444N44d5DFgEg:skNG8FQctf9fbFgEg
Score

3^/10
behavioral29 behavioral30
- Target
  
  publish/bin/libfontconfig-1.dll
- Size
  
  288KB
- MD5
  
  efe9a5ff9d1d6a8cdcb8670d98791b81
- SHA1
  
  a0daffc09bb58df32478b69bbc2ceca709d52a70
- SHA256
  
  34b4d2804dd5e3e46b6592b9d4e875afca50652f487733545257817b25416f31
- SHA512
  
  a3b92c630d95aff0b734b287a04e0b0310c63136100171bb0146f1941d5fe6181d25a084686e7419bbb2e7c08e65fc9e8b4ca0e9a833c35aba2aaf80f40b8b6b
- SSDEEP
  
  6144:Y8eYpWtiDDGoO2NKdp9yFArsHGn7Zx1MbF84/:xdWMDDFO2MdpoFAFn7X1MbF84/
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32