ploutus | 49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30 | Triage

Submit
Reports

Overview

overview

Static

static

49c9dfce83...30.exe

windows7-x64

49c9dfce83...30.exe

windows10-2004-x64

Sharing

General

Target

49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30
Size

129KB
Sample

231012-qj9z9sbe7v
MD5

20254b00201935884467b6384d6f6508
SHA1

6b40dba991a559613e73eb4e1ee0e2a2dd5fbf4f
SHA256

49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30
SHA512

a50889e03694d1d418ede40b7ea26541948a5bc7bdf90e2e0a0a0bc71fcbc548aa55d62fa898ef837c8defb01be26a34fe9060979b041fb95ec290dbdb5e293e
SSDEEP

3072:zJp3XXTwGouKRZzFPk2I111KYTI1Uk16R86:FpHXroXHMzTy1o

Score

10^/10

ploutus atm backdoor microsoft phishing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30.exe

Resource

win7-20230831-en

ploutus atm backdoor

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30.exe

Resource

win10v2004-20230915-en

ploutus atm backdoor microsoft phishing

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30
- Size
  
  129KB
- MD5
  
  20254b00201935884467b6384d6f6508
- SHA1
  
  6b40dba991a559613e73eb4e1ee0e2a2dd5fbf4f
- SHA256
  
  49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30
- SHA512
  
  a50889e03694d1d418ede40b7ea26541948a5bc7bdf90e2e0a0a0bc71fcbc548aa55d62fa898ef837c8defb01be26a34fe9060979b041fb95ec290dbdb5e293e
- SSDEEP
  
  3072:zJp3XXTwGouKRZzFPk2I111KYTI1Uk16R86:FpHXroXHMzTy1o
Score

10^/10

ploutus atm backdoor microsoft phishing
- Detected Ploutus loader
- Ploutus
  Ploutus is an ATM malware written in C#.
  backdoor atm ploutus
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ploutusatmbackdoor

behavioral2

ploutusatmbackdoormicrosoftphishing

© 2018-2024

Terms | Privacy