General

  • Target

    76d008d9955509d3db6e190acfa58fdf12fc64253884ac6981187a3e5ffdeb20

  • Size

    380KB

  • Sample

    240410-n61c8seh32

  • MD5

    a5da3d47e6a3e4e4f0b84e208316831d

  • SHA1

    f1292d10075e6ad82118a6119ac39a8718eba771

  • SHA256

    76d008d9955509d3db6e190acfa58fdf12fc64253884ac6981187a3e5ffdeb20

  • SHA512

    52652d8581c4960cd119598a7de51c14fa5848a078ae57127848895429633341cde102d8f4e6ad406460a53fb9be5b6f5989ffef60ba430e64d3c90498b5d97c

  • SSDEEP

    6144:9jixP2mr0YK1CvwIaOZzYmffv9n+ugWfbbyzxZOXPny69h4EKfA2I:VixvrzK1mwIaO7f1nAWbmzxcPp4I

Score
10/10

Targets

    • Target

      update/USOPrivate.exe

    • Size

      760KB

    • MD5

      10866465a9b0c56af2cd093b80cdbc9f

    • SHA1

      fc77be3e68a79b597ffed1b307d1b447787e7995

    • SHA256

      9831526e475a4ed0d149bec15f69193a48249c3cda1ddb2f2140292afd862cfa

    • SHA512

      975c0c3abe71d29a1391bc9a258df9560466f40764ff6dd8b06db5234d45a6c12f27c77bd26409fda051de598cdc0087afd847e46818553c5ed3eff53cfe2091

    • SSDEEP

      6144:c3PgKtEhPIPe16jzM66rBghPlNoVh5j9mmNpMHGIygduNrnoh/WOHI0jVjSjztx/:eIA4PIPoQMFgDNg/jMmLohW70Rj+ztp

    Score
    10/10

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Deletes itself

    • Target

      update/log.dll

    • Size

      54KB

    • MD5

      2a747a6201189e133c18ae24e44476f3

    • SHA1

      002be31d69cf30bc8a8e2ed51c038a5bdfd88141

    • SHA256

      0cc36dd25e099cc6f1798dabe1d6a3e2d8c3883aa0e0d7296e94d035cdb74f3c

    • SHA512

      36080f7595b6a1c05ecce348a75adbac4cdf8ccc441a724e3aa50130c62cd74d3948dabf8343b95cd90043f569b7f301f94102626942e9c0080133c486a830b3

    • SSDEEP

      768:Wt0W/UGbqXrc1CwcBosKPVTGccEzNl/KCTn2B7gXzcffXjkDIA8W1116iNTN82lz:W1GCnTGcx+CT07gjc308YvRe2iw

    Score
    1/10