General

  • Target: c56cac95726fd10b5a85be1c87336354.bin
  • Size: 146KB
  • Sample: 240209-egbtxafe51
  • MD5: c56cac95726fd10b5a85be1c87336354
  • SHA1: b29b5a35c3ecd559047e8477e949ac72e9bdc52d
  • SHA256: e49e2826c4d9fae960ca6baecd6754400e5da74446c5b511beb15831b42f2b1d
  • SHA512: d6dd8283320330199e9235e4e8bb2ed7995f5c6cb51a08e2118502660bc8ce29d7490198e1dcba9641b199b8d7f80c1708948230b69392cfd8391c5a7d505ab5
  • SSDEEP: 3072:MljIdulYQyNl7bAT+JbjClf00YM8SzR1hv0iuzFWC9FnbfztQf:Mj+uqXAT6jClkao5WCrbCf

Malware Config

Targets

    • Target: Nv.exe
    • Size: 46KB
    • MD5: 09b8b54f78a10c435cd319070aa13c28
    • SHA1: 6474d0369f97e72e01e4971128d1062f5c2b3656
    • SHA256: 523d28df917f9d265cd2c0d38df26277bc56a535145100ed82e6f5fdeaae7256
    • SHA512: c1f2f5c4aa5eb55d255e22db032da954a38a0204fb4d9bc76042f140f1b1e171944aa09b0eb11159323a8b9f33974c73fd32a4f76d976aaa8a16cc9c60a34ca7
    • SSDEEP: 768:Ep+QDJgY/OTFStOWjmyPTc+6lye958TZLWMmSbC9X:Epj9IexPANL58TZaDaC9

    • Detects PlugX payload
    • PlugX: PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
    • Modifies Installed Components in the registry
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
    • Drops file in System32 directory

    • Target: NvSmartMax.dll
    • Size: 20KB
    • MD5: 0b21678ed8e2b117344cfceba8f097dd
    • SHA1: db53bb022cb6de016713f1570f2ae501f20f9c76
    • SHA256: eaaa7899b37a3b04dcd02ad6d51e83e035be535f129773621ef0f399a2a98ee3
    • SHA512: 182268649b360f44f021570ddc9290f5051a8be556ffd66355bc325027ba48c5fe824e1bea925411bdaef4c17e0f3d81a1d3c710b59c4462540d567da625a41a
    • SSDEEP: 24:eFGSE+O1B+ibXvS1vFNFPitSa25Jyj3xrqhx4/:ief+BFCtSa25JySx4/

    Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks