plugx | f72cdd9dc87c924b0c843a5bfa14b258346405938c88679a627d26b14ed15847

Sharing

Copy URL

Twitter E-mail

General

Target

3066c7079c5c6987455bca992038a2cc.bin
Size

44.8MB
Sample

230505-bde6dahg2x
MD5

3066c7079c5c6987455bca992038a2cc
SHA1

8bf1a146009f5fc95fbae38b277d51c9a98c2e4a
SHA256

f72cdd9dc87c924b0c843a5bfa14b258346405938c88679a627d26b14ed15847
SHA512

6dfa4f32700a648d45f0680bfe012418ac6ce8078164a95c431148174541739587cd615c6ad0496c6961c951dadc0c28b9fe91d94bc953a2d105d9c030de4850
SSDEEP

786432:fNhmwdGxmw0TqAoekmvLMxY/9cC1s2eielJ4F9u6Ne:VhdOqTTonmvYxYlcpjD

Score

10^/10

plugx

Malware Config

Targets

- Target
  
  publish/OpenAL32.dll
- Size
  
  1.7MB
- MD5
  
  ff08ba3a9dfe6bd0b26f9055094c9550
- SHA1
  
  2dd9130b6dd4c49864635b1b7cc4a93ebcdd5e17
- SHA256
  
  5a42440a18a75ce588659158d74d26ab1850eabd34f3b25abd969a56d871db42
- SHA512
  
  db7eba84f7545740bc267298fbdcb70bcc820e5b7f1b2a38a5e0396d2c5da62715f5338f52025477a5bd0160389f1e27e12370a7829c8070d430d7838494b9dc
- SSDEEP
  
  24576:Vp4Z+cv92VrcRfw5K89ISay/D1IkYl57p+KGoq9gHvfnj/pC:VDARY5t9gy/D1ItHaiPP
Score

1^/10
behavioral1 behavioral2
- Target
  
  publish/Ryujinx.SDL2.Common.dll.config
- Size
  
  244B
- MD5
  
  2d175f1dad5afd5ff46691db53d9459a
- SHA1
  
  1b220dfd4badb4fe6d0f0cf839c76cced2f6e47e
- SHA256
  
  ccb8d75668d09da1d56153fef48e62de2ef3c6248cfb1b98169c4d94eac77ceb
- SHA512
  
  757e52f3badec151f3abc3da15ef446d6731fff62d2686b5e0f6455c6a823693a011bbd50b5fae35dc70e076ab7db908689778b94dcd1566c4f007001cb29c0b
Score

1^/10
behavioral3 behavioral4
- Target
  
  publish/Ryujinx.exe
- Size
  
  48.4MB
- MD5
  
  b0797f9198573f3ff62d1e0137fcdc32
- SHA1
  
  e94a8393e836c3d8a461fa0b64127a8a082a7c62
- SHA256
  
  201c6a39fb12daa53ba03b1a557acaedfe3bdd550687b39667c49b156ac926e9
- SHA512
  
  766f27e2597af2bcdb6233cb972fac128297239ec30c721a59cc22cb9832e6a5ec4f5db1e249978570ec75e6780bf11f9e05d0994fed136da9a32757ac8e1f0a
- SSDEEP
  
  196608:s7at47TJ7z4OW1pBeGh7byud8a8ypl54+b7nsq2kTTYHpGuC9Kmg9iKpzNWb/Uny:2atW17zli9byoplIMlavMGY1wTvq49GJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  publish/SDL2.dll
- Size
  
  1.6MB
- MD5
  
  634b912e27d0e2e8b7f077a872ed71ec
- SHA1
  
  3880c2a02a0b7eea5602ef1fec0cdfc3e44d9377
- SHA256
  
  c376384d6a71507ff04ade3174f117e223e6b2220c82804acccdf2c467b3ae6b
- SHA512
  
  2607acc778d3c6b7947253a6b2469ac7f67abdb3ef19ced7d27750e216e57ad7e0dcd80679b959ae521242a54c8aeb11849e4e72732ec0b91dfb18d71c2f51c1
- SSDEEP
  
  24576:Bau7gQxK9ZZZaBKarl/MawEfxUB2AzbuLkyUz9io4tl+jhzp:T7gwK97Zakarl/B1qTbuLkyUz9io4q
Score

1^/10
behavioral7 behavioral8
- Target
  
  publish/avcodec-59.dll
- Size
  
  1.9MB
- MD5
  
  45c29e06a2f9992dfce257697b6f42fd
- SHA1
  
  808088be4e5bee66402db7840231059827a7fda4
- SHA256
  
  42f2dfe59fe9bdf1e331e4b520fd7eeecd5c6b2f435703f2be471147f5ac40a0
- SHA512
  
  9f78ab6884becc8f9539169dfc039b48b459a2a04bef9b89640d0a4de0bb8c82b109bcf93234a05ca20d04834a7391170c4abecb1de7c31e60ad5543f209a587
- SSDEEP
  
  24576:gAzWTQGJKf13OpVCJTn+9nqIZ3ROGU8MUn3/2Sjt35KAZNIUR1++gz:gjTegVCw9qjSjpGURn
Score

1^/10
behavioral10 behavioral9
- Target
  
  publish/avutil-57.dll
- Size
  
  753KB
- MD5
  
  a7b21c4bd1a114eff24709d596bcfb20
- SHA1
  
  1ec0fa4a1aa105bae5528b74bfe176b4b89791de
- SHA256
  
  e46a6821db34a22c0f5a2c7bf43f16cc629c9bcdebfb3a93b4834b0a16815cef
- SHA512
  
  7601b79c20367ba777abd7cf075bc7841ba0566b81a83533e543847103524de48de99a9cc1166c2b0759d6dab473515d82faef6efd87024e956a5a74cd32f8c9
- SSDEEP
  
  12288:nSdWIND2FdjPMUb2rRE97Z71MJDe332EyFf9w9K29pnaO+iSX:nSdWI82rg9ue33/e4K2O
Score

3^/10
behavioral11 behavioral12
- Target
  
  publish/bin/libatk-1.0-0.dll
- Size
  
  136KB
- MD5
  
  ce9ab2defa6d7a584152a54108c30bfc
- SHA1
  
  8b221ad2c5c428c0b73b30f9fbebd1a99186c8f1
- SHA256
  
  2a80279b8dbeec1bb9b4121ccd4801034599184dab1c9166d5a29df1fd819df9
- SHA512
  
  10a9d8e4ad9d120260273f70c2a820c10429cff86ba770ffe1cb0f57097175e1367c52b7f7a97ac29e62b09f08a2799f3c43faf9df25dd44d39fed44b25ecd89
- SSDEEP
  
  1536:lQ/IMw1Tk3vQeJEMq8iMjIV9WBmF/9yjr7YrDn8KBBIxpRu63GQsU9jDQn7BmCoU:6ETWvrEMq8iMjIfKjArDnP0EzUxDGMvU
Score

3^/10
behavioral13 behavioral14
- Target
  
  publish/bin/libbz2-1.dll
- Size
  
  72KB
- MD5
  
  ab0e3427ea209d61ab6b08617c99b47c
- SHA1
  
  65002276e4e14ac067c78cd9fac498454fca2c02
- SHA256
  
  cde82b78524ba83ba94743417883e03e3311713ac0af87b50f5bc0335c5b77b6
- SHA512
  
  e45585c7945e30b8a3095e756652c0ab98367196d82f54d4384438bcad5b62b22b66a5f4f9ba246117cdd0d69b466aceb27873d7b44d55902e27cbebe898d016
- SSDEEP
  
  768:4Vf3UyszRfpZwMVKC2AfFBqs65nZNcF3kFOh9Q8y4mWaIN23AVrQPxx5Ttx:euRfpCMVKBAfO5nQF3uyez4mVQ84ex
Score

3^/10
behavioral15 behavioral16
- Target
  
  publish/bin/libcairo-2.dll
- Size
  
  991KB
- MD5
  
  011adbf1bcf6ecf533b429ab3a06cb4f
- SHA1
  
  cc3acdcec4103e3e9bb85c1814c17704b95862db
- SHA256
  
  751c93bc9e36ee73f30d24c13729afa1e8ceb6527706b2bd23df363dd5830304
- SHA512
  
  5fa08f6b4f276fadd1a0c3b95186a46ed57ddc9d1fc4f819fa4e3845d26c58b322943f8beabd11f118b6612a202857427499ac6469b491f2dd53541a0c117db2
- SSDEEP
  
  24576:90614pb4CZNZuZ5uCkFnWXPiJ0iEmsCn3UxMTfzLz:90M4pUCTZubuIXe0iEmsCnNTfzLz
Score

3^/10
behavioral17 behavioral18
- Target
  
  publish/bin/libcairo-gobject-2.dll
- Size
  
  36KB
- MD5
  
  84ab5fe7810c4cd4666971dcc8f102ad
- SHA1
  
  617720249bc7fa4c47ac849753d120c46b071ec5
- SHA256
  
  d198fdf7ca71b5d14af6d2da04c28ced9228b5158d9136656a96958b675c852e
- SHA512
  
  e844dfb7a5be66929514723e66844aa13221fa104489f2877349d099f7e38ba4290ffb1984a2db9a402e73162d8a279f2ba943fbbf73a3a73f38a902559f48ae
- SSDEEP
  
  384:y+BjEb5uJt4qunsZrtiOvUOxxeBDLi5RPdfEq06EG/EAL6AaJ7:TAIJzun4dxeM1F0RG/EXV
Score

1^/10
behavioral19 behavioral20
- Target
  
  publish/bin/libcroco-0.6-3.dll
- Size
  
  237KB
- MD5
  
  b481ed028dc922313ae96606f4ac3d9c
- SHA1
  
  32cf5c65bc3e67e05cd4ecd6579ba1cb6de4c728
- SHA256
  
  736524dd0b26a566c60965850a82d341dc7af61c150fee3f9a4e73dd4ba96b66
- SHA512
  
  9b5a779992263cf81680560dcc01a85c5e45a20faf8fdee3adff967e656ab84bdd033e539e1123745504855d4405cd0e0a06257f478c2acf6ce64c58b2db74d3
- SSDEEP
  
  3072:aff7k9QBQWwMAnkk7SmddFP8rfHA8pYvNm7pN0A8fCcKni9GtzxiVAkfWLFMMKSz:affVVfJk7SyKfHOquYMFbzSiI
Score

3^/10
behavioral21 behavioral22
- Target
  
  publish/bin/libdatrie-1.dll
- Size
  
  35KB
- MD5
  
  8a54723090530190eb11afcd5b702b1b
- SHA1
  
  dfa923ec796a754bd21c4f9e504305848a4cb1b2
- SHA256
  
  738f67f45faa07cc387baf390604ee4ce709cbe7c223d9a043ee06f7cb360d5b
- SHA512
  
  e0d310458c8259112e07b153edc86fdff29e1b09648fed8d163d44deb3bee1545e7ad37bb00e9255df6514844b21a829750848da42f85fa77bef376ce09750cf
- SSDEEP
  
  768:Hm5z53y6m/LHlM6GnPGUvMrsztd/sLLhF3VI:a53y6Gy6GuU5d/OhF3G
Score

3^/10
behavioral23 behavioral24
- Target
  
  publish/bin/libepoxy-0.dll
- Size
  
  1.6MB
- MD5
  
  96b7141337918d13864ed73c19e72cdc
- SHA1
  
  941a19ebac742b46fef5cae1dadb28a711b89840
- SHA256
  
  0555975567f1f9bf314202454c8bc2fcff8dd52a3060d70792f9705b35eff602
- SHA512
  
  0b505cdf23f6e604c63ee879b9acfd2ce11613ad7728967ebbed4a96358a92d7ecc18c8c0b526fe1cc0f8254e5009cb6f921d2149cc705b0aa1b99e340ac0065
- SSDEEP
  
  24576:EofAW4zUli3/4T6IVY60ZfFaSJuoYYT2U4x:EofA4iHF6UfISJtY+Jk
Score

1^/10
behavioral25 behavioral26
- Target
  
  publish/bin/libexpat-1.dll
- Size
  
  248KB
- MD5
  
  c1323b5df48fdf9e3bf2f96625ee9408
- SHA1
  
  515d1c49fc4ace8a9d058d1b631c3193345b1708
- SHA256
  
  582e9c53f5ed594c80f5013ead3eacabe126316595063bb1976a5d5d52f0f0a0
- SHA512
  
  a0f28fd719b2bfbfb566d186553be4f6a0e5ad8cd36e8f219be4f7f255f5a59bc8320f12de3f9ebc62ec8020f060617d1e13ccc162d219e9f4386b3a3c2bca6e
- SSDEEP
  
  3072:iFNEx+eMFTJXFLfS1U3+LcyAfIwv0TEeiMkmxBBBBBBcWFppuoc/lF3C8:kBRfS1U3+LY6jEOBBBBBBcWMoc/lF3C8
Score

3^/10
behavioral27 behavioral28
- Target
  
  publish/bin/libffi-6.dll
- Size
  
  33KB
- MD5
  
  835b9252cf84aa654459ee3b7d07e824
- SHA1
  
  89bd2b8cf4bebfc08a660520253ae097ba40d2f6
- SHA256
  
  077ed959cd9ab1bf8f9e2ed248a0cb6492a18fd2ba283f52896125412ead121d
- SHA512
  
  19d60efb0ed2c73707396627f95d46c7d2a42855a58f0a29d5ce2c9b143c4297ff02d96b83761bdfe3045a1b4ffa6351275760920353c3bdd0829eaef07f8cf5
- SSDEEP
  
  768:qDkNG8FQBQVlnfilN1SBmnKAl4444444444444N44d5DFgEg:skNG8FQctf9fbFgEg
Score

3^/10
behavioral29 behavioral30
- Target
  
  publish/bin/libfontconfig-1.dll
- Size
  
  288KB
- MD5
  
  efe9a5ff9d1d6a8cdcb8670d98791b81
- SHA1
  
  a0daffc09bb58df32478b69bbc2ceca709d52a70
- SHA256
  
  34b4d2804dd5e3e46b6592b9d4e875afca50652f487733545257817b25416f31
- SHA512
  
  a3b92c630d95aff0b734b287a04e0b0310c63136100171bb0146f1941d5fe6181d25a084686e7419bbb2e7c08e65fc9e8b4ca0e9a833c35aba2aaf80f40b8b6b
- SSDEEP
  
  6144:Y8eYpWtiDDGoO2NKdp9yFArsHGn7Zx1MbF84/:xdWMDDFO2MdpoFAFn7X1MbF84/
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32