Overview

overview

10

Static

static

3

PlugX.zip

windows10-1703-x64

1

3BC9E9B78A...t.hlp_

windows10-1703-x64

3

5F9F8AC1F7...D_.doc

windows10-1703-x64

1

6B97B3CD2F...et.exe

windows10-1703-x64

1

901FA02FFD...ar.dll

windows10-1703-x64

1

97C11E7D6B...l.doc_

windows10-1703-x64

3

C116CD0832..._2.exe

windows10-1703-x64

10

FC88BEEB74...NWORD_

windows10-1703-x64

1

PlugX_3C74...20.dll

windows10-1703-x64

10

originalfi...ae.rtf

windows10-1703-x64

1

Analysis

  • max time kernel
    127s
  • max time network
    131s
  • platform
    windows10-1703_x64
  • resource
    win10-20231020-en
  • resource tags

    arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
  • submitted
    19-11-2023 03:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PlugX.zip

  • Size

    708KB

  • MD5

    eeb04e18280b5027f1c299f3b1780961

  • SHA1

    4361de0fb7aa2a1f15acd4396a7e1e3a34ff4fc2

  • SHA256

    02cb95700440b100604ece78649b2ef41b2b7ea8ff68afbb02a01148a3f7c106

  • SHA512

    14ad36c1de37272156ed8ab8939c516aca2ab884a206cc372c79253298157d2152df79623ac6f79deee6948665ff7f7376a6776ccee4c8c065fef5eeff858e35

  • SSDEEP

    12288:Iaryqj09i0K3hqGRkyRZ2QSuB38ERqtxS9g2GZb0RJs89F+/dClI3PavIiCVU:vNPOGPLPx8E0xSK2mb0n9F+8lIYIdK

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\PlugX.zip
    1⤵
      PID:1032
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:4808

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads