Overview

overview

10

Static

static

3

0982cad179...1c.exe

windows7-x64

10

0982cad179...1c.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-06-2024 18:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0982cad1794aba43938a7db57eaa47fdf491baf804a2709ae8713eee4cffdb1c.exe

  • Size

    6.3MB

  • MD5

    784114f9b669956a77a1fca0c7991dcf

  • SHA1

    ff7fce437c74d352d910b02911f62d53783249b4

  • SHA256

    0982cad1794aba43938a7db57eaa47fdf491baf804a2709ae8713eee4cffdb1c

  • SHA512

    1cb4afe1e5f9f56ced0a8ecbb18c50a6842449ea8751c73a7baf3e5d2d84b0f9c8f4505ebd255762f1d26e6b521102d758c2419f702ec9a7d6329d0b053cfafa

  • SSDEEP

    196608:XMfLdxcMZ+L8o9cc5a9MwGf4Cmlbjf3L12g2Do+:opxl+nec5aqw04CCbjfxZH+

Score
10/10
ploutusatmbackdoor

Malware Config

Signatures

  • Detected Ploutus loader 34 IoCs
  • Ploutus

    Ploutus is an ATM malware written in C#.

    backdooratmploutus
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0982cad1794aba43938a7db57eaa47fdf491baf804a2709ae8713eee4cffdb1c.exe
    "C:\Users\Admin\AppData\Local\Temp\0982cad1794aba43938a7db57eaa47fdf491baf804a2709ae8713eee4cffdb1c.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3668-0-0x000000007440E000-0x000000007440F000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3668-1-0x0000000074400000-0x0000000074BB0000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/3668-2-0x0000000007080000-0x0000000007BE6000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-3-0x0000000074400000-0x0000000074BB0000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/3668-4-0x0000000006510000-0x0000000006AB4000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/3668-5-0x0000000074400000-0x0000000074BB0000-memory.dmp
    Filesize

    7.7MB

    Download
  • memory/3668-6-0x0000000007BF0000-0x0000000008754000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-7-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-8-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-10-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-14-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-16-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-20-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-22-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-18-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-12-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-24-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-28-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-32-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-30-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-34-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-36-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-39-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-42-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-44-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-46-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-48-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-50-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-52-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-40-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-26-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-54-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-56-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-60-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-63-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-68-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-66-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-64-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-58-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/3668-70-0x0000000007BF0000-0x000000000874F000-memory.dmp
    Filesize

    11.4MB

    Download