General

  • Target: MapACASvc.rar
  • Size: 307KB
  • Sample: 240226-ppdnksde62
  • MD5: 07a75f45a0a0ef08667f80bdb6de1e7f
  • SHA1: cc559a749988edaee98b90a79d1dbd3d4491c007
  • SHA256: 42bb35a99f00d6ec5a18aced113c138d05a5e9662b61e7130a7383f440c4db27
  • SHA512: b9b09561b1ded9c8d95b3586ac779c7aa542f6fe6d466f2ec1230134f1e03518f23d3b6c340ffedf9d86a194e95e6328e48465d46cdd03535cb9d663fd585ea7
  • SSDEEP: 6144:0n0/SzCU0v+5ZOxnfnK2okPu/qEp+MFO/T/nZn7yFsmseaXBc:0wSGUa+gnxPu/qD7/BYaRc

Score: 10/10

Targets

    • Target: DeElevator.exe
    • Size: 10KB
    • MD5: 77f4f5243e1f2eab70e253e138488754
    • SHA1: 6f91e14d7c5a7d2bc865cf0928dc9be9a2cef55a
    • SHA256: 22869e3326fe1de011cd500e666769027126c5c440b76837baf55139f30094e4
    • SHA512: 64a2be3bbc720f66264238aca89daa1214d96e5566838ba49c4b5ec32f3ab1bdd83a9bcc59d965c6fbbc7c171ac20f07e9118908064b5006503f343074b28bf5
    • SSDEEP: 96:M4/hNM2frP3IhjM7EugiG3/YiPoHQjzQMLy+y54+MIc/g23PQnA7k4WZwT:v/hNMIejMAPYyowJL/yCl/g2YnF2T

    Score: 10/10

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Target: DeElevator64.dll
    • Size: 119KB
    • MD5: d2c7db5f032e0a1577007eeee844e1df
    • SHA1: 5e92a9fe4e2098816cdc50d6d41ed71a74fd4f28
    • SHA256: 23269729c2c0b943edbdf469fe456e7583ac95423c9279d1ddc4d4c122444d7b
    • SHA512: 97d48ca5d613e27004aa3aaf98547a69129961bc73e51ae7bbc34dc2838bd9e2da94a58e909a73eee742ddc965af86b3c6236b20408fd4f1e9f684a914be4d1a
    • SSDEEP: 3072:LweuSzzSgTm7GufZFlO6cJulIBVxaMCNm:LTjGpe6cJuM9

    Score: 1/10
