ploutus | 6448b0c8f932a4743aa387223f5ea0fbf08c5001f7b4c93b04fed8c58c4ba2af

Sharing

Copy URL

Twitter E-mail

General

Target

NetSpot Enterprise v3.0.405.0 Portable.rar
Size

38.3MB
Sample

231011-zehjwsea45
MD5

2b556db8d1b1523b4b7131d56377bc62
SHA1

ce42995feb726cb67d23dd6f4b72a36c7437e6e9
SHA256

6448b0c8f932a4743aa387223f5ea0fbf08c5001f7b4c93b04fed8c58c4ba2af
SHA512

95d2ab5df5fe673babbd0b66104f277e0c91e1e2dbf94a3180f8c92e8d4a3806b89573b93f0631205a5b5c425cc80668d00db0e0f33cbf4c1dadce3e07f4205e
SSDEEP

786432:fnplvTC2SiTbbKdiTJ5vbkxfm4ACrj+NlwlC7i6/bcq35rXZbaAYcfVh:wWbudiTJ5oxfm4BmNlwlC7ikp35889h

Score

10^/10

ploutus

Malware Config

Targets

- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/BouncyCastle.Crypto.dll
- Size
  
  2.5MB
- MD5
  
  87b76be9301c9b7a054c1c2b5bf4cea0
- SHA1
  
  c45048afca59541e781a065e6f12d182cade4bb8
- SHA256
  
  f0da4eeb7d3f5489eecf20ddb3df28092341702af1933f29ed3dd52d83b0f6e3
- SHA512
  
  6a4d7ab87339782ce1bf290c6e7bee8705f4dc507d3f18ba131587b0960ae9e0db277a7b5307a4634d2ee6b0220a3ed9114747d99a27ed04587793fedcdd3d73
- SSDEEP
  
  49152:vCTzhVM0AU5d3UOhq8hmReOUJfd5T3D+VTQlgQeCKbu9kQLO0W:ewU5d3vhzhmoOmfd5rqX0W
Score

1^/10
behavioral1 behavioral2
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/ITextSharp.dll
- Size
  
  2.5MB
- MD5
  
  7c801ccbcf0125736281fcc981314e0b
- SHA1
  
  a95381880a9f6f7565425b3fd880fbd66e67908e
- SHA256
  
  cadcbbccc9e839ac6340620da4190b14786235546810b2d2a3901b1f665db7fc
- SHA512
  
  7053d779b0525adfadb81ac57621a3a6c2d06e2cffbfd1338448804c3ed294a3fc217e397c7b1f9a37ae5c5465feb5e710c176aeb44b174f7c1fed6675264cc0
- SSDEEP
  
  24576:nfLbHo+3NJ6ruQ3iPGZJ2lkkz5P+8ja1bQS4UbFLr3oApxrEeeiW+kn9jEH3M5vC:pN9U5kzI1bpbh3oApxrEeeb9jEH3qC
Score

1^/10
behavioral3 behavioral4
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/Microsoft.WindowsAPICodePack.Shell.dll
- Size
  
  541KB
- MD5
  
  95445d5cac8ef07afe36b10b1f7d8b26
- SHA1
  
  740c9cb0d1d7bcb116894aba7f0a7fff9923262b
- SHA256
  
  1a7e971fe1d2e581b57372a666f17901bd37ed7d89b20a187efd6ab286df5702
- SHA512
  
  cbc3bab9515706fc6679ab3c72115a2084c09a8c37cb31d9b39f462f2cf7ad5e436476d7f90161fd7764b423b31c07b91322be256e09638f10495ede7faf80e8
- SSDEEP
  
  6144:ktIgLGv5WBfXkYlsL/Nz++R1yji08n3uzxRQKEPmBm9C5vEx3tcQ8Vub8xPtwZEV:Uz81Dn3GQ/9C58x3tWXH9gvst
Score

1^/10
behavioral5 behavioral6
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/Microsoft.WindowsAPICodePack.dll
- Size
  
  114KB
- MD5
  
  bf9e6b99496bfeef7fcb6e0826b2f288
- SHA1
  
  deec1f9849f9de7bf99dd7adf2243544cfe34efe
- SHA256
  
  009d1a356c1a86d701d20bf267040d43bac7e4b79f15e7d78a9cf8242d340d84
- SHA512
  
  81bd73c843a34d52de024bc30a4ee044a9e259ebbf0d5352f6ee0873e8ba3cd8dba6685b3f9c501d548d1df294543116f1ef3a9b5cdd780b17fb392102d0b0ba
- SSDEEP
  
  3072:bfBa6TWUNuRhicznzcSZRazyDG43vjyMcnFlizq+1t:oUNuZjAI+mvuM6+1t
Score

1^/10
behavioral7 behavioral8
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Base.dll
- Size
  
  39.1MB
- MD5
  
  cdb5c7d5538251604cd8d6f8a911561b
- SHA1
  
  83ce2ab5057c5a7b23e99a7366db4f21d2a2e2c8
- SHA256
  
  fb723ae2201edf30dbac4f360e4146faf0f9383ed1c69eba3dd1f1d80246fab2
- SHA512
  
  84676541001f60213853e3611f6ec360c15f2160e9752e7f0568d7b3ad72ffa1c9fa460b682dab69bb63210bf433603db4eca611bd4ea7be0ebb73ebc05a2d68
- SSDEEP
  
  786432:8PoCTMBv9juj1SlLXCDPpnZQkrwCd2i/CxDdZJiGVLlaCP46f/ZQIykPbruYlvlX:IaK5SlwpnZ/ECA6CxDdZAG9l7rf/ZQUv
Score

1^/10
behavioral10 behavioral9
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Core.Base.dll
- Size
  
  65KB
- MD5
  
  714301396cd0f9aaf0a5265adae0ed7d
- SHA1
  
  7e443dbc169973effa6b2ffd6c68c8f9495e8ebf
- SHA256
  
  b30d8263e6888f44fb382c971e57eac2e8b2362c85a51b70a84c13112a319c07
- SHA512
  
  5f534e5f8315b7678005527550ae537a71918644c180d63fca43d15e760cfee6e5dc1f22f1b19a9124ba02596bb71896f677b333dd15290fcbafd255470067b8
- SSDEEP
  
  768:MZjmRIjksIDMY7h47IpwlMmhWz83hwbkcVEuZXVuIzncJ+TtqrIrCPEkHm9:rrsqt70IelN8EufzncJYkrNMX
Score

1^/10
behavioral11 behavioral12
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Core.Data.Discover.dll
- Size
  
  50KB
- MD5
  
  1f6511e9e519080d3cd532bddca78709
- SHA1
  
  92cb125eb8949550e4d02d5b23d8a3151cebe88c
- SHA256
  
  ee51b069725ab2980195b51ad149573a24647cc14291f27f54ef96ad52388f68
- SHA512
  
  5d903846bc7d79ce21c1731696c488b4528fd0eade6c5ccc9a507e4425887ecff76c5498d15fe2df65fef2102a577c62d9ee2fcc6cf422ab69476f15623562b5
- SSDEEP
  
  768:Er4+c6+T/QpTjaQUZogiI31Z/GIlQzsR33fINN2R3+EAMxkETHa:2c6vpvQNgIlQzsRQNNc3+CxHa
Score

1^/10
behavioral13 behavioral14
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Core.Data.Predictive.dll
- Size
  
  65KB
- MD5
  
  0f11b6806b6272df8ac573670d794ce8
- SHA1
  
  8051aabcbb1c604f27d5eeedc8004aff4cb469ed
- SHA256
  
  2adae0d310a52eb4d2b375b35f08ed895fd705a443abc997c237d7e52bb66e99
- SHA512
  
  f2f234d54d19e205d8ee20e1893e0e1ac97b3472802697dd8e4ac404cf4b59cc943f9d648f2e6c6480ebe0e8d03b05118ca0cdeed330f2dd904d8b47122b9bf5
- SSDEEP
  
  1536:iqpSHHcDney1vlAZxxSpNmMrPGzSchZdNGc3Yuud3NHWo+oxH:iqpSHHcDL1vlAZer+zS0ZdNGco7d3N26
Score

1^/10
behavioral15 behavioral16
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Core.Data.Survey.dll
- Size
  
  80KB
- MD5
  
  4233739e9a9764b6760b4c589d346b8b
- SHA1
  
  7233d0e148f4a63ffd88ab815182dcd41692760d
- SHA256
  
  6a666b07b0ccbe9540820bbb7b3086d2976b3b0d306811e482da872fc6d840d1
- SHA512
  
  44dc9f7b3632e772e1f7eb9ac3c25f1224b440ff02515a4ec020c491326f1dfc87c44ce939d99b343df6a9bdabc9b15c696d493c924c85f22484922dc783c946
- SSDEEP
  
  1536:BGyuUumeBmwkH1of9zKgZdhhS5KvggNUnrb+Rxxw:xuxdkH1SzdZdhhgKvggQrb+e
Score

1^/10
behavioral17 behavioral18
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Core.Data.dll
- Size
  
  104KB
- MD5
  
  589a52e676d94eebb3b058b84dc432fc
- SHA1
  
  d852cfa5488fb2b49755aafb9b629ded2e4c58d4
- SHA256
  
  c745d3da33429ac453b1bdd01e70125c81ac6183188849d23833a2440be6bf13
- SHA512
  
  64af8df958e02d6c3097ee3f31b84764d7e76d8ddf22c0abdbfb041132b4d55edc82c7a05342cb16f7bd041ec4dd5edcfb3c4bab48d3f4cfc534f897e0da477d
- SSDEEP
  
  3072:175mNitiCrapntXQo4dddooodPJdNLdvEFdp4QBw2ZifKGr+s:wpQo4dddooodPLNLd8Fdp3ZTS+s
Score

1^/10
behavioral19 behavioral20
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Core.Heatmaps.dll
- Size
  
  62KB
- MD5
  
  72a080faf6d9b8ab60da48896ffb536f
- SHA1
  
  e99e969752f01bd7cbb9c1c018a6d41cd8d31434
- SHA256
  
  b0d084e443f27bbaf23de622a7e3d8e0ba228d949753d68d204479ea7ed0ccd0
- SHA512
  
  507cf76a500c718edab0ca366b5c2c43f638217bdd551fdba0866ebcebd1e6c9b9874293b6cff7e56ce656f1becbccda4d6dbbc9a0f0af11ae0dd3152d86afa2
- SSDEEP
  
  768:pH1gKKHXpek3SF+JSt8AlHuKBYgoxQDAsiJo1QjzImLtU15R3sQc7m29+mAMxkE/:pVgQkw+1AlH5n0sAq155Lc7m29+UxL
Score

1^/10
behavioral21 behavioral22
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Discover.dll
- Size
  
  133KB
- MD5
  
  9be7e10d91c576dc10cd6ae5ef67dff7
- SHA1
  
  00145cfae5af7face443fbc0329669c0fe9ffaa6
- SHA256
  
  cea89cc6b41c7dafa8cd5911944a178372be5d585c2d5ee0cc8652074b6d3b37
- SHA512
  
  ba738556a58ddc9431708ce07b8a130262a3110aded118870ce2de848484938afce10a7e160faf55244fe377b57bbf5973dff8df4efd91358ac076e31f69b629
- SSDEEP
  
  1536:jm+HVsJkN3L3QBHXLIUX52la3FeRnQ+MfstFBuB3AliB3TmTB3YHCYqVSM2vl3TQ:jXsCl+37eRQ+MSGlA+ZGJUCfSMfp+k
Score

1^/10
behavioral23 behavioral24
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Infrastructure.Policies.Activator.dll
- Size
  
  19KB
- MD5
  
  6e8e8c3a70fae932b5ef21d485862ebc
- SHA1
  
  ec71a6d4b3ed25c88742aae93f45a5904980a57b
- SHA256
  
  69288b23a8fce685bcc2e31db2780e6d85661553d8d2ac910a4f51bdf08d4c3a
- SHA512
  
  1d7d42e78e9a5fb3b72389ecfb0a5cbc07b98a410426d69917e342ef507992e0ea620b424c85f46bc01e8a4e001075de74b6e727ca3e09a1b74ac446b3e2ddf9
- SSDEEP
  
  384:XTyHFyH2yHyyH78rKBpwKNs+GrBvAM+o/8E9VF0Nyzda:DylyWySyb8rKe+EvAMxkEW
Score

1^/10
behavioral25 behavioral26
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Infrastructure.Predictive.Format.NETSPU.dll
- Size
  
  110KB
- MD5
  
  55c368f2b07061c1d438a7e29c1224ef
- SHA1
  
  6e67c7b408893c495e0419a6297055081f3c032e
- SHA256
  
  d49910acc088e6a7e7c6a551a1570ebbfeda21e69c31bfec66e532a1d66b2e6a
- SHA512
  
  2855d4d0a9ae1f286981680ef23107b67dc39e71f1c64936629a3c173f97b50e6694ffdf3dd438430c8cd6df6005ad763f37c2c7c38820d1b59b450d4caca3bc
- SSDEEP
  
  3072:hzMogczEvSjxEvwao5fS6fSpfSmfLEu5OQ+Z:hzMJ+Z
Score

1^/10
behavioral27 behavioral28
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Infrastructure.Predictive.Format.NP.dll
- Size
  
  35KB
- MD5
  
  100c1497561078845963ec7044cfc3c8
- SHA1
  
  ce16a965f1a0b6b781c3c90f705122fc07f54c28
- SHA256
  
  ec26776ee12ddfbf6332783f9239294a8b14fa4b9880d726beb222920b2adada
- SHA512
  
  77406cab62e6a442d37598e4f49e93a6f0452064cc9c3ff8f2219247b78db345867d206d22195b048de1fefa40f9942f9ab98409405188b88a0a55f40c58c9d0
- SSDEEP
  
  768:N+luYlGE+sN6AVH9vZdVsM2KIUxXJ0vn+4CAMxkEij:NpQagVdvZdSM0uJen+rxI
Score

1^/10
behavioral29 behavioral30
- Target
  
  NetSpot Enterprise v3.0.405.0 Portable/App/NetSpot/NetSpot.Infrastructure.Predictive.Math.dll
- Size
  
  25KB
- MD5
  
  5e7939ffcb0e41bfc9f4ccab3609d693
- SHA1
  
  ab108a50465d3230b28b4617bde8355b618426f2
- SHA256
  
  589774466945af11f4a59829e4ed0515a3fb5534db8fd6515a5452280c1c3a87
- SHA512
  
  724741464c93759d4a1a46bfa4f778e74bda06ad45ee9944a99ef692da339f57ea7ed0189da9da303ce6380730c09c4218bcef932484470734dd237438677919
- SSDEEP
  
  384:Gt3NII3D9Uv45aJnJYkAyGMR/rfSjXwIrw52Hi9pwKNs+HCjFfAM+o/8E9VF0Nym:GtqA5S6vMVajRiy+ijFfAMxkEs
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32