General

  • Target

    01468a69ca8676b51a357676e0856c88_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240622-e61vbsybjh

  • MD5

    01468a69ca8676b51a357676e0856c88

  • SHA1

    4413a7f864255767a6d84c3e8362b9873a7e224b

  • SHA256

    fcccc611730474775ff1cfd4c60481deef586f01191348b07d7a143d174a07b0

  • SHA512

    d0d516c96c14e4ec5dded82e80f82a3ff6b2f8c2aae63b8f0e8667aea6e07e52e8dcf2ee7939304ef2303b07a4b8ca6e6c64f985a508d57aad79440d479d68b8

  • SSDEEP

    49152:Na175O/mZxrkaH1EN5/yxnxEil7F8vSZBWwj186KQGwi38KQrF+FO7p1FzohbJqE:uO/mZxbHW7yxnxECF8vSZBW+Pbi38KQU

Score
10/10

Malware Config

Targets

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks