ploutus | 09643633731242877000c5de3c2a33ee66f36056005fe7e307a996bdef1d0de3

Sharing

Copy URL

Twitter E-mail

General

Target

pictures.zip
Size

10.4MB
Sample

231014-vmeqraaa99
MD5

ee3d38200fff6b6dc95821f12b6c3051
SHA1

de9b2bd22d56f9c43569d019dd93f9cbaf9f0515
SHA256

09643633731242877000c5de3c2a33ee66f36056005fe7e307a996bdef1d0de3
SHA512

f2c9b572809a271f149a3c4f4b0c6e76eeb257c83f6cce0befbf29747f2542a85ce53182082d8b7c722431bb35f2f9bce89c51be87a6fe43559a4ce3a5105ea5
SSDEEP

196608:z4Pe3PpWg9EsljIa7r0abGAZcfkIsFba6IEYI4rqneio2+o0sOKEHig98aT:8Pe3xV7ljIIGSGkftalENcio2+o0FKEP

Score

10^/10

ploutus

Malware Config

Targets

- Target
  
  CommandLine.dll
- Size
  
  57KB
- MD5
  
  ec0e2dd54144d6f6a317b7daa715d418
- SHA1
  
  62c2e04bba8436912d9bcec1ec4d4c7afc843a47
- SHA256
  
  4923528d3d18689d58fa30b3d822ab72a13be21a57f13e0bc59b55b864424f7a
- SHA512
  
  ccaf01f89fab001ef2ded15b352e1dd2ab3967584a8720acb7c6b7203240f9c896f7d46600b12e0e86b25b30779b1e5ed59ce97fb3f295afb11d6391670265ef
- SSDEEP
  
  768:Aa4UCvHii8p2scLC8OfyHxy1XdF0l1t8HQDGiejOsSZhD3T1x:A9hircRL9OfPtCJE9iejOsSv7
Score

1^/10
behavioral1 behavioral2
- Target
  
  DahuaHCNetSDK.dll
- Size
  
  6.2MB
- MD5
  
  62dc08e26b647a5513a7adc6251a5843
- SHA1
  
  ba4a57d013e7fa142005358db671abfe3674107f
- SHA256
  
  a1d7bc961677b86bafea2ff6942a378aa01e4f481f273e866e9b8bb525a9e3db
- SHA512
  
  4a32cf821adc278c11662fdcc57129fb4413cad3c576bd2f5026342305b3cbf411b9c7146020458818ad8934e0c1c397bde56a0b49bddc608c35c2fa181a134d
- SSDEEP
  
  98304:4ed4iAun58wLHLMtNQPQf0x0bpEKowhjILgWooqikbUGlSX2kwu/lKm7:nKiAu3tooIUGlSX2kwu/x7
Score

5^/10
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  HCCore.dll
- Size
  
  840KB
- MD5
  
  02879702decd602e68cc803f5345fafa
- SHA1
  
  d019638ded352b4595d58bf52e7383798109b8fd
- SHA256
  
  33762140a904f2570c12355ad3752e2f2d793fdde88a0810d44a9a2e2b2a066c
- SHA512
  
  fcd8ba8f869039e7c8c8b1e136ca38e57320a3de817abd546ca7cdf993b411f5a4d37b2b8597ce406370fdccc3409c14a0461ca6ce313a29bab9f7186a6a8788
- SSDEEP
  
  12288:75SZ1ZtM1LChV9LiT4U/PkhKW+vCnDjIw2ATIqfIgwiiUl+n:75S7vM1LCkrCnDjIOTWkl+n
Score

3^/10
behavioral5 behavioral6
- Target
  
  HCNetSDK.dll
- Size
  
  536KB
- MD5
  
  cd629905e042c7498a512919a7115771
- SHA1
  
  26399e62fb6d765bc1ef1902254e46ab4d10336d
- SHA256
  
  2e529bf03b28e64fc449dcb43c4e9ed08fe99509485b2992387af4c1965e6176
- SHA512
  
  d289f55a66b82fe8c3d5ac19145be541c74aefac490f23ca7d5c60da2fb56f1a11c9b637b74c2f47aa946dbce930061d8e1d947d11f965c4edbbe36f42bd5d70
- SSDEEP
  
  6144:psIGGZ6hVVPLeatAnWc+EzWtz/2YulsSklFKUpBWiJ3gvX/I:JUBBunWXEuz/2YMk1gvPI
Score

3^/10
behavioral7 behavioral8
- Target
  
  HCNetSDKCom/AudioIntercom.dll
- Size
  
  439KB
- MD5
  
  50f700d0306cceaf132e6b176bc081b3
- SHA1
  
  9341d144f0ae801775acbf1ed7a09c378d1f9b14
- SHA256
  
  5f7623fdc0c9592a5f4fd39ae639bfef27edd18141541a3bff0aa6d67763e5cb
- SHA512
  
  21f371b47bbac6c0394c182ded41562c14e42a9699798689e53249c304e62333776c92bd5e0f90f911fa9ba1aa50c4a524cf2ad13a4e256e5d1836ea06470f05
- SSDEEP
  
  6144:B75TYr6sBgAwl03uMYCh9J5YuX6p7gAwVA/rszRXF0FiGAn42utSgsVrG:5mgC3ZYCh9J5Y487g3AjoRXMH
Score

1^/10
behavioral10 behavioral9
- Target
  
  HCNetSDKCom/DsSdk.dll
- Size
  
  5.0MB
- MD5
  
  dcf46dafef2fa056da1901b67e17f7f7
- SHA1
  
  e238122f9a5e91a6b1bf7fdee46d5f0015036ecc
- SHA256
  
  be8fb8620b7d7d67ae117f4f4bb5c69319d87e195d19520428032a60bd771aab
- SHA512
  
  2478731db5c5935ab08161d95a3a2563a6f75f5b824d8cf73ed4a07e00bcc38ed5cae7d1cab383988b5a3aab8a728f6e5aa0c5974a085297dd52385652d2c585
- SSDEEP
  
  98304:pxqNFK4d/9WlgaVnTQOZZMZ9WIuuJ2t1fRlgoG0/pPK1Y29Q/a1D54+ne6fcY:pxdCW1LZa9WIuuJ+4iKm2l14+ne6
Score

1^/10
behavioral11 behavioral12
- Target
  
  HCNetSDKCom/HCAlarm.dll
- Size
  
  340KB
- MD5
  
  041dced0baf2f61c6246ee3699b1aa32
- SHA1
  
  9d991fc8de0d4f2c0d4dda3b4ae60431c3cf579e
- SHA256
  
  16258b1d243020de7de6bdc13c471dfa91cdf88b41d929f8fd15827d890bda3a
- SHA512
  
  003961aa0ba74b815b060970e0bff8618b0b2a7ed47888182e1727b49bb72b974d4f2c95376657a6ac883da9670b4714cc07bac30f2ec2374be90a081619ed87
- SSDEEP
  
  3072:vN9gfmGJ8Ra9sSh0HakFUbzDZJe6Y1RJw5OWHACi72WqSenXZPf5nhiLiNR0u4fN:V9gO6sVFI9HdFSenJPfX0bTTQbm
Score

1^/10
behavioral13 behavioral14
- Target
  
  HCNetSDKCom/HCCoreDevCfg.dll
- Size
  
  792KB
- MD5
  
  bacff0cc77a0e68084ad84fdd9c5dabc
- SHA1
  
  66469051e3f6966ba05fd125756c07d8bdad6788
- SHA256
  
  842146930623e3e1b7c3bb40fd86bda655c53a7c57ed8c6481473bf2044b67d2
- SHA512
  
  cd4f36f129b5312cbc4e36dd323f0c1e3405faa9331ac769b910d0b4a11e0d512aa8bb7e1f9713fc7e4090d7f5ad075e855b3530826c6b2e58c685215e288a0d
- SSDEEP
  
  12288:IxVkr4MmtJqCkZ9zF/oKbONXfWrdCPJc4awr8WTEM+WFc:Ifu4MmtKziK6vWG7rfTZ+WFc
Score

1^/10
behavioral15 behavioral16
- Target
  
  HCNetSDKCom/HCDisplay.dll
- Size
  
  488KB
- MD5
  
  57828d63035329d52970b709dba0f592
- SHA1
  
  55e920de2627205f53400dbc2ca566bcce2516a4
- SHA256
  
  c0b72ca9311ca17aac66e124d0bbae37363e6ac4d5f4e506b498faa882ded79a
- SHA512
  
  933dd928b5797b52bed9638d75d041331e5cab2269eea5dd1927409c6c0b4209a88f17f7355cfbef9e73e7cb3b91f1ae745a363b6f587e3b74a8f7c420707b84
- SSDEEP
  
  6144:cK5noW/toKvGLH5izYzmwn83JHcZn+Dk/HRCpZefhc:c+HGPHgECw83J8Zn+gRoB
Score

1^/10
behavioral17 behavioral18
- Target
  
  HCNetSDKCom/HCGeneralCfgMgr.dll
- Size
  
  932KB
- MD5
  
  1c4948713f876e0cebcc1fa268ae8ed0
- SHA1
  
  0efc5430336f5bfd596bb302de230b75985fcb6c
- SHA256
  
  a8747715290c70410e3afc62ffd21ee26c0e053510853f4efad0bd3b15ded5d1
- SHA512
  
  98a580b5e869e8fefb96b7b1d597ebdba7b847509b1c4421b53466dd118728f73ee16eab0995e1989cf707ac9901bece3d980404886b0d1c1163df73ecdc851a
- SSDEEP
  
  12288:kqywClV0ilj+FsrdARvQgV5yShGtuOSP4bBiiY3Tj5rHg++Tr67AkujBrnqpwsu+:tjKlj+FSgV0U5rHg1NUgM
Score

1^/10
behavioral19 behavioral20
- Target
  
  HCNetSDKCom/HCIndustry.dll
- Size
  
  520KB
- MD5
  
  66b0d0bd5c66d58d366042d1530152fe
- SHA1
  
  d071eb65c3b307fbd33daabd6e018f5f23c482ff
- SHA256
  
  ebf9ea1ef2a522341c498c1b3ad5e162da84cb658ce25ef6377a75a848338561
- SHA512
  
  0288571517f6f2049a5bf7905e1f78a44b9aa27f5186f6b166f6a6d5f8fab06c0ff811df6c67736dcdd9f91b96aa43efa62ec106f45c13c816aff4482ba444c1
- SSDEEP
  
  6144:LDa7E/+ScmPQ7ZS4s3CFA6feS+1zn9hQ6s1d3nr//WnV0/ciy/3ttZWT7:LQscmQKZ6feS+19hQ6sn3nr/eWcET7
Score

1^/10
behavioral21 behavioral22
- Target
  
  HCNetSDKCom/HCPlayBack.dll
- Size
  
  332KB
- MD5
  
  34e0e7c615ed589cc060224121df0174
- SHA1
  
  baf5e1e2d2a50a113f40218f9d14bf095870e66c
- SHA256
  
  f7865669d8214384570e4f59c0c2b7e37edc4e8ff8c855e4365cf9a89eebbc62
- SHA512
  
  659422021b6b1113e0eb03713e3d82ce9a91368314f2ee8ae3937d7f40dd04c7afaee188d029b8a5fd3a1fd2646ecc7959f477acc2a60febd3b126c5bb8104c2
- SSDEEP
  
  3072:nld732YbLYR740NysBg/yfJRJN3hQXtHakwh5nIgUxU0aCXn2JJaPxSGfvj5Ig0r:lx9bLU7UsBg/0R8RaRIgm3aCXG0bqym
Score

1^/10
behavioral23 behavioral24
- Target
  
  HCNetSDKCom/HCPreview.dll
- Size
  
  448KB
- MD5
  
  9fb6bbc9732660902d1dbd91c432a482
- SHA1
  
  7a46e54108bb6aa9d35435755a11c381e47bab87
- SHA256
  
  91f63aac8b851ad71a5d8d094f038414f07b3bbe1779b738f91c6c210e7f2015
- SHA512
  
  2c48cf147b412b802bc096721590617fcccc339e5429c7b6f2d54f44ad0f1a172a51ddfe1c26a0ecc732739aa97f74ab3bbc99fe6f0437ed15fd36180e3e89be
- SSDEEP
  
  6144:tUOcO18pZnVUR7cLlBG4pN6Nur8ugW1RIEUXc0FBi:pco2ZaRILvpNaur8ugHXc0FQ
Score

1^/10
behavioral25 behavioral26
- Target
  
  HCNetSDKCom/HCVoiceTalk.dll
- Size
  
  460KB
- MD5
  
  06d0fcd6874a9c1bd08fd8512497e625
- SHA1
  
  cb24d606b9131b0037b52c62942ef095e2cac268
- SHA256
  
  7daf056733c42d9f8d8b0119f38cb9da9d0cc60cb708d386c5f488f2de75df6e
- SHA512
  
  cf9b017f43f6933eef38437bef790b6b4459d530c4b01b191f55b02ccee01ee16a362fa90245b43607e5101f8a45d469fa67383ee8d570cc8f7fa545abdddbe9
- SSDEEP
  
  6144:d25L13+uXkku7KJkhKPzrmXNwB07i/cN7L/KUAqy:43+uXkku7KJYKvmXH7UcJJy
Score

1^/10
behavioral27 behavioral28
- Target
  
  HCNetSDKCom/OpenAL32.dll
- Size
  
  417KB
- MD5
  
  52c83a72943b529b7f495b0606c117b6
- SHA1
  
  dcc74f5109a09c4cec8274f2968159c80016002d
- SHA256
  
  b21ae0059a8182a51d1645a44f403429e60e26453353c0d708d7f501557ca01c
- SHA512
  
  17179685e6e65c9130ccaea16c8953be818e4c6502595cb2e6dabebbc05f904e98b1797173e880ddfb64276cb0b53d48d8caae28457d1531160810af90eb6706
- SSDEEP
  
  6144:rXv1/ktv9QkVZN/Ju8sBfwvixrahNybEsl2ufvtgp2HlofevpQZjNAOs+D1Q3:rXv1Mok7N/mBfwMxbEsrHthLhQZjNVa
Score

1^/10
behavioral29 behavioral30
- Target
  
  HCNetSDKCom/StreamTransClient.dll
- Size
  
  260KB
- MD5
  
  b3144eea9d7eb4d040b28fc320e0a8cb
- SHA1
  
  b488da193f76fcbd742d78eff6cc3c12bfa4306c
- SHA256
  
  6141d9d6294005f1d251376184d8d48a5acf4f63bf9851c6ed74c07fe3caa18d
- SHA512
  
  84ccc472fd4596464730c981792d015346436bf8e454273e2a82ba43d7c184208f34ec5c6d0607e3bd4426f14043ec93edc02fc2e9a86a4d520fe35353cf9e75
- SSDEEP
  
  3072:wvFlcGdgGW/h269iN7RJOzI+m6vpz2Cf4OO4cPJohI3dRqRJfdBxC/KBzmt3aStg:qbGX3jvPy4cPJXtRqRtxCUZSBNmx9
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32