plugx | 17c5b8ecfd7ff396a320bbbfea302eaff648213fcf2ec6bc1a79b6055d708f74 | Triage

Submit
Reports

Overview

overview

Static

static

3

DWSIM_bin_...it.exe

windows10-2004-x64

Resubmissions

29-05-2023 14:48

230529-r6nwzscg4w 10

29-05-2023 13:55

230529-q737maca99 7

Sharing

General

Target

DWSIM_bin_v844_setup_win7win8win10win11_64bit.exe
Size

194.9MB
Sample

230529-r6nwzscg4w
MD5

86ca28bd1b44e23b240f66b3255a9066
SHA1

bc6f1d376fec8322419e17349d5dd1c17eeef2b9
SHA256

17c5b8ecfd7ff396a320bbbfea302eaff648213fcf2ec6bc1a79b6055d708f74
SHA512

3190166615f616302b8dc799330b0e060d6afae1b534a4fc4dac62264df4d366b370c85b74fa3942ea32c9640fb8a05f81c86ebd3d96cd460c087b33286a2ef4
SSDEEP

3145728:ohXbmla2GI8jx4lVSLXFJLKMuNSOZd891ZT1BFSl7MlFroahoXYns:cqXxl8/LxusZ9hal7MlFroahoXT

Score

10^/10

plugx discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

DWSIM_bin_v844_setup_win7win8win10win11_64bit.exe

Resource

win10v2004-20230220-en

plugx discovery trojan

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  DWSIM_bin_v844_setup_win7win8win10win11_64bit.exe
- Size
  
  194.9MB
- MD5
  
  86ca28bd1b44e23b240f66b3255a9066
- SHA1
  
  bc6f1d376fec8322419e17349d5dd1c17eeef2b9
- SHA256
  
  17c5b8ecfd7ff396a320bbbfea302eaff648213fcf2ec6bc1a79b6055d708f74
- SHA512
  
  3190166615f616302b8dc799330b0e060d6afae1b534a4fc4dac62264df4d366b370c85b74fa3942ea32c9640fb8a05f81c86ebd3d96cd460c087b33286a2ef4
- SSDEEP
  
  3145728:ohXbmla2GI8jx4lVSLXFJLKMuNSOZd891ZT1BFSl7MlFroahoXYns:cqXxl8/LxusZ9hal7MlFroahoXT
Score

10^/10

plugx discovery trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

plugxdiscoverytrojan

© 2018-2024

Terms | Privacy