General

  • Target

    PlugX.zip

  • Size

    708KB

  • MD5

    eeb04e18280b5027f1c299f3b1780961

  • SHA1

    4361de0fb7aa2a1f15acd4396a7e1e3a34ff4fc2

  • SHA256

    02cb95700440b100604ece78649b2ef41b2b7ea8ff68afbb02a01148a3f7c106

  • SHA512

    14ad36c1de37272156ed8ab8939c516aca2ab884a206cc372c79253298157d2152df79623ac6f79deee6948665ff7f7376a6776ccee4c8c065fef5eeff858e35

  • SSDEEP

    12288:Iaryqj09i0K3hqGRkyRZ2QSuB38ERqtxS9g2GZb0RJs89F+/dClI3PavIiCVU:vNPOGPLPx8E0xSK2mb0n9F+8lIYIdK

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.
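
The "Unsigned PE" signature and the hash block at the top of this report can both be reproduced locally. The following script is an added example, not part of the sandbox report or the PlugX sample itself: it computes the same MD5/SHA1/SHA256/SHA512 set listed under General, and it decides "unsigned" the way the signature does, by reading the Authenticode certificate table entry (data directory index 4) from the PE optional header. The minimal PE32 images it parses are constructed in-memory so the script runs offline; on a real extracted file pass the file's bytes instead (the `build_minimal_pe32` helper and its field values are test fixtures, not anything taken from the sample).

```python
"""Reproduce the report's hash set and its 'Unsigned PE' check.

Added example, not code from the sandbox or the sample. The PE images
built here are synthetic fixtures; feed real file bytes to file_hashes()
and is_unsigned_pe() to analyse an extracted dropper component.
"""
import hashlib
import struct
import sys

# Offsets and magics from the PE/COFF specification.
E_LFANEW_OFFSET = 0x3C                 # DOS header field pointing at "PE\0\0"
IMAGE_NT_SIGNATURE = b"PE\0\0"
IMAGE_DIRECTORY_ENTRY_SECURITY = 4     # attribute certificate table (Authenticode)
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B


def file_hashes(data: bytes) -> dict:
    """Return the hash set the report header lists (md5, sha1, sha256, sha512)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def security_directory(data: bytes):
    """Return (rva, size) of the certificate table for a PE image, or None
    when the bytes do not parse as a PE at all. A PE with no such entry
    yields (0, 0)."""
    if len(data) < E_LFANEW_OFFSET + 4 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, E_LFANEW_OFFSET)[0]
    if data[e_lfanew:e_lfanew + 4] != IMAGE_NT_SIGNATURE:
        return None
    coff = e_lfanew + 4
    opt = coff + 20                    # COFF file header is 20 bytes
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    if size_of_optional < 2 or len(data) < opt + size_of_optional:
        return None
    magic = struct.unpack_from("<H", data, opt)[0]
    # NumberOfRvaAndSizes / first data directory sit at 92/96 (PE32) or 108/112 (PE32+).
    if magic == PE32_MAGIC:
        rva_count_off, dd_off = 92, 96
    elif magic == PE32PLUS_MAGIC:
        rva_count_off, dd_off = 108, 112
    else:
        return None
    number_of_rva = struct.unpack_from("<I", data, opt + rva_count_off)[0]
    if number_of_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)                  # table truncated before the security entry
    entry = opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    return struct.unpack_from("<II", data, entry)


def is_unsigned_pe(data: bytes) -> bool:
    """True when the bytes are a PE image carrying no embedded certificate
    table, which is the condition the 'Unsigned PE' signature flags."""
    sec = security_directory(data)
    return sec is not None and sec == (0, 0)


def build_minimal_pe32(cert_rva: int = 0, cert_size: int = 0) -> bytes:
    """Constructed fixture: a header-only PE32 with the given security
    directory entry. Just enough structure for security_directory() to parse."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    directories = [(0, 0)] * 16
    directories[IMAGE_DIRECTORY_ENTRY_SECURITY] = (cert_rva, cert_size)
    optional = struct.pack("<H", PE32_MAGIC) + b"\0" * 90 + struct.pack("<I", 16)
    optional += b"".join(struct.pack("<II", r, s) for r, s in directories)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, len(optional), 0x0102)
    return dos + IMAGE_NT_SIGNATURE + coff + optional


if __name__ == "__main__":
    # Usage: python check_pe.py <extracted file>
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe32()
    for name, digest in file_hashes(blob).items():
        print(f"{name.upper():7} {digest}")
    print("security directory:", security_directory(blob))
    print("unsigned PE:", is_unsigned_pe(blob))
```

Two caveats when reading the result against a report like this one: a non-zero certificate table only means a signature blob is present, not that it verifies (that needs the PKCS#7 structure checked against the image hash and a trusted chain), and a zero entry only says the file is not self-signed in the Authenticode sense, so a binary may still be covered by a catalog signature on a real system. The sandbox signature counts three IoCs here because it reports the check per extracted PE, not once per archive.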

Files

  • PlugX.zip
    .zip

    Password: infected

  • 3BC9E9B78AC6DEE1A44436859849BBBF_NvSmart.hlp_
  • 5F9F8AC1F749B0637ECA6EF15910BF21_~WINWORD_
    .doc windows office2003
  • 6B97B3CD2FCFB4B74985143230441463_Gadget.exe_
    .exe windows:4 windows x86 arch:x86

    ba47a0478b3cdd3b7d2c2438b409a2ca


    Code Sign

    Headers

    Imports

    Sections

  • 901FA02FFD43DE5B2D7C8C6B8C2F6A43_SideBar.dll_
    .dll windows:5 windows x86 arch:x86

    bb448859beafb6b8d042ede3358ffd0b


    Headers

    Imports

    Sections

  • 97C11E7D6B1926CD4BE13804B36239AC_SideBar.dll.doc_
  • C116CD083284CC599C024C3479CA9B70_2.tmp_
    .exe windows:4 windows x86 arch:x86

    400757684d81dfa07d0c4dc56a3b115b


    Headers

    Imports

    Sections

  • FC88BEEB7425AEFA5E8936E06849F484_~$INWORD_
  • PlugX_3C74A85C2CF883BD9D4B9F8B9746030F_DW20.dll_
    .dll windows:4 windows x86 arch:x86

    805dd25d70365d5930886e246ee8d13a


    Headers

    Imports

    Exports

    Sections

  • originalfile/PlugX_RTF_dropper_42fba80f105aa53dfbf50aeba2d73cae
    .rtf