Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

PS/RsTray.exe

windows7-x64

10

PS/RsTray.exe

windows10-2004-x64

10

PS/comserv.dll

windows7-x64

1

PS/comserv.dll

windows10-2004-x64

1

PS/comserv.dll.url

windows7-x64

1

PS/comserv.dll.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PS.zip

  • Size

    197KB

  • Sample

    240607-jyx6paeb69

  • MD5

    f2d018a4fb8c8a9e313c61fb1617c344

  • SHA1

    8c912cbb3dc1f9c8909fded0cf14d99032be58ad

  • SHA256

    0187a11496437b76b2401bc6136432547b6bcdaca30f2b7d16e4d39f47d5c3ee

  • SHA512

    7a9d0bb3dff3fd37588a0bd97b37cbbe87615175f6c43afacbcd5ff52a94099c8b9f6e1325eda794b990f58c2825afe988d79e95f5eac35763de585a3302964a

  • SSDEEP

    6144:HcS3At/seLE2q7yteF8zlOPkrwa2xx/08g/zIXIPQ9:H/3gif2teFGOcrEVgLUIPC

Score
10/10
plugxtrojan

Malware Config

Targets

    • Target

      PS/RsTray.exe

    • Size

      174KB

    • MD5

      d65adc7ad95e88fab486707b8c228f17

    • SHA1

      dfa0589b58a469e34695a22313d184e5352a3282

    • SHA256

      a3674fef407c354e911a8a6c7d4b991802c47cf6409d6dc32dc84be6312159e2

    • SHA512

      3c9114610dfc107adec6a6220356607c737499866eba965985bb1f6b9aedbfae529a5432abb8307ce0653580fab9c2580c66d96ef4cdb4319a0fde5ad3c3ac01

    • SSDEEP

      3072:wq1/mmpPCL8OZwevvCRmvUGmeU1hbFZJslQLRzMaZ:wUmqCL8Oj3XZm5jNLRzVZ

    Score
    10/10
    plugxtrojan

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      PS/comserv.dll

    • Size

      2KB

    • MD5

      6d54b4f07a1b92bd6fafe7160b2c887c

    • SHA1

      6bf4a36e729a2c4156b1280db97252ba8ea7d9b4

    • SHA256

      653fe0ab7b634e50ba09f962c6357bcf76ce633768aa41dd01d1a93ef83a0a54

    • SHA512

      32c57ca7ce437fc7712948a6f30733112830ff570d89ca903e5a5bdec43277a19a453df8c027e0835ad1dff2f7927cf973e33efa1847ed608cb6eb534d8163a3

    Score
    1/10
    behavioral3behavioral4

    • Target

      PS/comserv.dll.url

    • Size

      122KB

    • MD5

      fe14ef97d52c1c4f4764c36b76f18340

    • SHA1

      60a931c6607ffe7dabdce33151f7d217b7581175

    • SHA256

      d8c68c81908ca0b31a773cf78bc59b9d886ba72177b2b4f5a1d9ea46b95ce05e

    • SHA512

      390366a82817d8e841084744cd879bd7be6ce1dff85e26e9fe4739b709c17718c4e836f2f543c1d84f47096230e2d9dbc6dab6c597acc8ae802c43b1d4ae7f0d

    • SSDEEP

      3072:eBnOmvZ8umI/EOKv8Lunlsq7yTxeP5oG8zlOPkiwfA:0D/sCLEiq7yleV8zlOPkiwI

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.