Overview

overview

10

Static

static

3

DWSIM_bin_...it.exe

windows10-2004-x64

10

Resubmissions

29-05-2023 14:48

230529-r6nwzscg4w 10

29-05-2023 13:55

230529-q737maca99 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DWSIM_bin_v844_setup_win7win8win10win11_64bit.exe

  • Size

    194.9MB

  • Sample

    230529-r6nwzscg4w

  • MD5

    86ca28bd1b44e23b240f66b3255a9066

  • SHA1

    bc6f1d376fec8322419e17349d5dd1c17eeef2b9

  • SHA256

    17c5b8ecfd7ff396a320bbbfea302eaff648213fcf2ec6bc1a79b6055d708f74

  • SHA512

    3190166615f616302b8dc799330b0e060d6afae1b534a4fc4dac62264df4d366b370c85b74fa3942ea32c9640fb8a05f81c86ebd3d96cd460c087b33286a2ef4

  • SSDEEP

    3145728:ohXbmla2GI8jx4lVSLXFJLKMuNSOZd891ZT1BFSl7MlFroahoXYns:cqXxl8/LxusZ9hal7MlFroahoXT

Score
10/10
plugxdiscoverytrojan

Malware Config

Targets

    • Target

      DWSIM_bin_v844_setup_win7win8win10win11_64bit.exe

    • Size

      194.9MB

    • MD5

      86ca28bd1b44e23b240f66b3255a9066

    • SHA1

      bc6f1d376fec8322419e17349d5dd1c17eeef2b9

    • SHA256

      17c5b8ecfd7ff396a320bbbfea302eaff648213fcf2ec6bc1a79b6055d708f74

    • SHA512

      3190166615f616302b8dc799330b0e060d6afae1b534a4fc4dac62264df4d366b370c85b74fa3942ea32c9640fb8a05f81c86ebd3d96cd460c087b33286a2ef4

    • SSDEEP

      3145728:ohXbmla2GI8jx4lVSLXFJLKMuNSOZd891ZT1BFSl7MlFroahoXYns:cqXxl8/LxusZ9hal7MlFroahoXT

    Score
    10/10
    plugxdiscoverytrojan

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks