plugx | cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85 | Triage

Submit
Reports

Overview

overview

Static

static

3

cba6d325bb...85.exe

windows7-x64

cba6d325bb...85.exe

windows10-2004-x64

Sharing

General

Target

cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85
Size

2.3MB
Sample

231012-ddh85sdf57
MD5

607db7333b07c16b6ca619f20c11f9d1
SHA1

2af8308c1a06e5ee26578a759eb8a0b384751a15
SHA256

cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85
SHA512

75f914408fb03e8521935305a4befdaf00b84fe45b55a3f306964c950fc10843b38f3f53349d245097933daff72e56a5334f4fe22fc6669bc819462d51c9461d
SSDEEP

24576:LNzH/3FRzJR4o7nGhAkfvhoucd27nQNHL9mk39q8AwJRxrJEjk/MBhnhHSA8a6SM:pzvdR4QWAkf0rmjkShnhHSA8T

Score

10^/10

plugx trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85.exe

Resource

win7-20230831-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85
- Size
  
  2.3MB
- MD5
  
  607db7333b07c16b6ca619f20c11f9d1
- SHA1
  
  2af8308c1a06e5ee26578a759eb8a0b384751a15
- SHA256
  
  cba6d325bb9377038039baf24e07a2640200caa462320ec7bf273c8c5bc6bb85
- SHA512
  
  75f914408fb03e8521935305a4befdaf00b84fe45b55a3f306964c950fc10843b38f3f53349d245097933daff72e56a5334f4fe22fc6669bc819462d51c9461d
- SSDEEP
  
  24576:LNzH/3FRzJR4o7nGhAkfvhoucd27nQNHL9mk39q8AwJRxrJEjk/MBhnhHSA8a6SM:pzvdR4QWAkf0rmjkShnhHSA8T
Score

10^/10

plugx trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy