General
-
Target
45c944889a482ae2e0e0a8e260c3be737cb612c8804164badef61e8a8713b92f
-
Size
187KB
-
Sample
240410-mr23vacg79
-
MD5
89d025b55f7e4ffd942bbbe177dc7840
-
SHA1
2bbd1c11ddb32555f704640395568599bb2d31b0
-
SHA256
45c944889a482ae2e0e0a8e260c3be737cb612c8804164badef61e8a8713b92f
-
SHA512
92be745159f062bb1a336bb4c3eea5a2b9a53a8d5134bf624b932bf410c145e27b4b9aaedd3326bd76a97ba56cdc1552dd85952cc889de6fef51206deabc20ba
-
SSDEEP
3072:osc0lGgJJtaJXdlVVnXSRRABY3GNCQA1tRnB/rnWADLNBd61H3f9SWvJyLN1DLFm:o/0JJJtaJXdlVVnCXuCXtRnB/SAViHsi
Static task
static1
Behavioral task
behavioral1
Sample
RasTls.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
RasTls.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
RasTls.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
RasTls.dll
-
Size
3KB
-
MD5
d5915394a6916a00c426aa2827d97c0e
-
SHA1
50064d66c9b55b6f7d22051b81914d8366fe36c8
-
SHA256
6cd5079a69d9a68029e37f2680f44b7ba71c2b1eecf4894c2a8b293d5f768f10
-
SHA512
56aa607a5a1bf095b017fd23a1007795f4bdd3a5a5efe571f7c74b7a4e37fb88f3031c26b5189e9f67328222b3dda621a7379da5341bfa95e25605b703ea6373
Score3/10 -
-
-
Target
RasTls.exe
-
Size
105KB
-
MD5
62944e26b36b1dcace429ae26ba66164
-
SHA1
2616da1697f7c764ee7fb558887a6a3279861fac
-
SHA256
f9ebf6aeb3f0fb0c29bd8f3d652476cd1fe8bd9a0c11cb15c43de33bbce0bf68
-
SHA512
e3c366044ac0b4df834b2f05d900cad01bc55b39028984ed3486aa2522e8c226bf9a81952da2c7e4bf0bc2c322d10fe58329e787238bb710a137827927b48d7c
-
SSDEEP
1536:To0lZUH+MeI1M04n45PFmsMfgiqf5YXneJ07soW8VD5cN:TOw4jYgiqf5yh7sl8VF
-
Detects Talisman variant of PlugX
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-