ploutus | 8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c

Sharing

Copy URL

Twitter E-mail

General

Target

Usar tu mando Generico como si fuera uno de playstation 4.rar
Size

5.3MB
Sample

240802-lnb7ksygpb
MD5

13a8c7f593762d7d05d025358550367b
SHA1

9bb7b8bafda58ea1f144eca202b26a8b4d939904
SHA256

8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c
SHA512

0492b3fd2cbf11f5a0b4630c985a55abcee0ce649089da22d81a35747cb8f45113c19713480f9cc3dda3d21048f985c1c523d29322919bdcf674cc3282843a65
SSDEEP

98304:GuGNSE1YoL/GizoQO1iL54S3Fo2d+06CX4LBkWafq8oLPN/livrnD9GAs:X49yUGizoFi5d3Fov1+WeqjPN/+Fs

Score

10^/10

ploutus discovery

Malware Config

Targets

- Target
  
  Usar tu mando Generico como si fuera uno de playstation 4.rar
- Size
  
  5.3MB
- MD5
  
  13a8c7f593762d7d05d025358550367b
- SHA1
  
  9bb7b8bafda58ea1f144eca202b26a8b4d939904
- SHA256
  
  8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c
- SHA512
  
  0492b3fd2cbf11f5a0b4630c985a55abcee0ce649089da22d81a35747cb8f45113c19713480f9cc3dda3d21048f985c1c523d29322919bdcf674cc3282843a65
- SSDEEP
  
  98304:GuGNSE1YoL/GizoQO1iL54S3Fo2d+06CX4LBkWafq8oLPN/livrnD9GAs:X49yUGizoFi5d3Fov1+WeqjPN/+Fs
Score

3^/10
behavioral1
- Target
  
  Carpetas de Archivos/Comandos.txt
- Size
  
  121B
- MD5
  
  23a642874a79a5c48b5e138dc487484b
- SHA1
  
  4d32e2981dc272139e74ba0e30a812d9fe6f9259
- SHA256
  
  aa0b4ba0f4396ad7ce5b9d5fdd2b9a8d0a9687733f6fa604cc36317b192339f0
- SHA512
  
  82f3dde291d2fd404a6b4e4af512c5799c4807e00bfdfb9a977bcb429e796ffcd5619b8e06ce3b1bbbe697e95ae9fcadd872bc5b1067ef4899de32bc3be04774
Score

1^/10
behavioral2
- Target
  
  Carpetas de Archivos/VDX_v1.14.3.0_x64_x86_GPDWinEdition.zip
- Size
  
  578KB
- MD5
  
  7b4975627f69de1970615f4fd8f6b13a
- SHA1
  
  c5c4db10d0321fbbc16d0dbd68bab3e317a5be7a
- SHA256
  
  4f1b7fe766b1b7f858a5bba5f76db62c9232031e65f7f8c3b7d80eb49ab3bc8b
- SHA512
  
  48196091385e85eb53ec870d761a1f9fd1e84d3f2e93cc21823684c6ea0c6d4c39da3c5244a791469858d0e5fceff39f9640bb5a4076a8f2793b7aa5fc336f6a
- SSDEEP
  
  12288:4H2tFDPyBC32eiVjoA2VUi/8nOkg08CdZW3sfxckF9MRdagHK74Rt5aB:44eBCGb0T2i8lNdZAAZAdagqsRtY
Score

1^/10
behavioral3
- Target
  
  VDX.exe
- Size
  
  571KB
- MD5
  
  0ec433ebd5142b440a974b4872a1d1bd
- SHA1
  
  92a802eb6db2cab4cd1d97000fb05d8d99c44a3c
- SHA256
  
  d955ff9b4109095f65858989c68c226305d25e6148f63fecd10a850503fd0e17
- SHA512
  
  ac68a264d4ccc198bcd2c96b45147eeafeb9b2274ef62522d55ddb96446a19d45bf4379ce9934212c3160602945a3a251fb709249aaf143dcf05c8df27403e7a
- SSDEEP
  
  6144:48dOj0l/h2gzKtTFg6ICZgzEQ6+F1h3ZmkDiRFzD9Mxu32RFYKvq2MZ12cPz+P8:xOwlp2gz4Rg6LZ/+h3ZVit32RaKvgy8
Score

4^/10

discovery
behavioral4
- Target
  
  VDX_x64.exe
- Size
  
  614KB
- MD5
  
  21f0b42cdba178b58450899574380b18
- SHA1
  
  189f0f6e23203575b8f59b8f74312605fc7197b7
- SHA256
  
  b39ceac62b08091d06811de9ba3542ffaca6e45fef79e918a4c24fdb2dcdbb6c
- SHA512
  
  d08e92a7d391250b74d6297c8c157c77279c17a605b3687c0f15d13a8a94f99ef17373216840de1e936ce621162645500202a1179a62269d9c5209d7dfffe5af
- SSDEEP
  
  12288:klF0z4l8BnZ6V2JnPei7JfnmuN3xoI9Yq0gKvgy:klFuZ6V6nWi7JfnmuN3p990ho
Score

4^/10
behavioral5
- Target
  
  Carpetas de Archivos/ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0.zip
- Size
  
  3.0MB
- MD5
  
  2e07721b6aee22e4cd4bfa0edb05c7ee
- SHA1
  
  3bdcb2bdfe64240f3a57f71366aafd86c0d39ab4
- SHA256
  
  cbb6b0a9477b28fa5084d6897d6ea5b6cc9f5b2e442a5336a2b5cf583f3f6a80
- SHA512
  
  5388d0b5046638083d3183b547c639947f4b4480e41044056fab90237f21f25d2e25bfa4aff4b20a920afc7d3bfe60e40dd418fff93420f4d38403bd0e0590f8
- SSDEEP
  
  49152:+Aym8Xnprqw9z3YQaB1wXBL54qGOKaAMo2d2B1zo6fZoSjiX8XTfBoHWOfbfSYk:0/GizoQO1iL54S3Fo2d+06CX4LBkWafY
Score

1^/10
behavioral6
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/ViGEmBus.inf
- Size
  
  1KB
- MD5
  
  5ce31860fde25c806e953ab9fe96fc4a
- SHA1
  
  d306aaf74fde33b2bc01b2d4d70d3704d796d07c
- SHA256
  
  e59b63c954577f3669dca610d9f4b6646421ee7bf51426b5262f8a93fa52ac87
- SHA512
  
  c28cd210401d3abbee6105fc9db05a1b2ab93567f380ed322df4a396eadaa478fc5610c059a1c08a3ee669e50c7ecdc45dfd32c0504847ab6d3a85f2eba23acf
Score

1^/10
behavioral7
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/ViGEmBus.sys
- Size
  
  52KB
- MD5
  
  e4a203f7a9e7d8aa9bf00cc01d1aa9f9
- SHA1
  
  f3ccd5cbbd7bcee4c6e18b543961a0e62f4fd1f2
- SHA256
  
  cc2ee46d090e5fef4c87d13b370dca53b71c292186f845bb4afab5bc5539d1b4
- SHA512
  
  eae943fbf2c20cb3ef4d0cd071996922e5b8506409190f1ddbb04f65001042b33368fd3691e575192b4530198ee2afe48cde281e877b41364aab3358b04e9b23
- SSDEEP
  
  768:oDlFUmL5XjvV4r6YWQcVumZipPMJH0LpVnGXeGR5WFGcyWR13fM0jI2O33whGV:olt9TVoptM+9Vqea5WFGcyWR1EoHughw
Score

1^/10
behavioral8
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/WdfCoinstaller01009.dll
- Size
  
  1.7MB
- MD5
  
  d394a3ae079564895ffac936c4b8f8cc
- SHA1
  
  d008ed4c8aed6c2e1fd664ccfa4dd03a2bf7af73
- SHA256
  
  289c93ccf3295ffdd546302a6688761f2c5f490c3b8240bde13696c242206258
- SHA512
  
  197fca3bedebf124b2812352735b2de1a7e89fefa1b7263801d4d240ee1a251cd164fd4ada7db34f7aca41b7de4e5b65d11abfae732206d2f53bffff12971aa7
- SSDEEP
  
  24576:wU4MsColC6Je/ZgY7OOfcEpiRLH87SyVXGe38uKUj+NFVov1PJLfVKZ8F5mEeZW3:pFCsfZRZA6Xn388avVovfLd+Mo4iE3
Score

1^/10
behavioral9
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/vigembus.cat
- Size
  
  11KB
- MD5
  
  339a567e6515a47edecbdaf040b7f0dd
- SHA1
  
  141082c734ead76fd9756cdb35878e3ca342f307
- SHA256
  
  7269dfefb9d5c3a1876254caf038e69e04ffd201b174b1baa29de9485ac0bbb8
- SHA512
  
  0d8a7eeed7e6429600d7f4968cfdfe0615a6ec2a59edf5759a69e236c3ec9c2882427602080ca01732caa8d0765522785e8ae30ebc6531b531e9df7e6b6a41e1
- SSDEEP
  
  192:vIpqoMQMGl7UKazgsxxmmKri9iHMyMLowH0JOqNG8Fp28Wh8n4nL:sMQM1K2XYmK+9TU5JNNzFwhhiIL
Score

8^/10
- Blocklisted process makes network request
behavioral10
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x86/ViGEmBus.inf
- Size
  
  1KB
- MD5
  
  93c8fd5c4dc312dd336f33fa5fc0e910
- SHA1
  
  fa8bf413566eeeaf07e80d3a42ea8a6d2d18d6f5
- SHA256
  
  2681e5edb0d49b556b1bc795daa4434ff8da7f7c6bc41494ad952010b9bf7152
- SHA512
  
  7aa632090e323deeca6a157bb714b4d37d95b21fe37361df6bc2f6d386da8d722df64736429dca92921c22a160ebd1a8632ee02d377a14c44f22bdc2f70af0cf
Score

1^/10
behavioral11
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x86/ViGEmBus.sys
- Size
  
  47KB
- MD5
  
  3dc219a6184096ad4dca69aee0012ab3
- SHA1
  
  56d232daad01982fc53f42567fcc5a2cfc34cf93
- SHA256
  
  7acbf5c201a565122d06b9f9725720f745fb9cb309b73b633b7a97efee69cea6
- SHA512
  
  9c07895382d5496176343d4b83c6f2369ed2b1c43ac915aedea3e2ac4bbeb26b25e065e04bbd9bcd52bfbbc02c59c5a233f9cc5d4a7c4ed0f2b515f57dcb869b
- SSDEEP
  
  768:KrIXKjBN4rm/dcSKIcyleyLJGcyixAR13tqHBaMI2OYc3wheZ:KrCK1Grm0ylVLJGcypR1MFH8gheZ
Score

1^/10
behavioral12
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x86/WdfCoinstaller01009.dll
- Size
  
  1.4MB
- MD5
  
  cde6594380b7f27a109c274a51f86772
- SHA1
  
  06ad9d024c25b58a5e88bec8b3f93e98b01a4d37
- SHA256
  
  31a38dd8d49eab4ac7eea4cb1d7930b0984bf780f0ab6d0576f40150842ef5bf
- SHA512
  
  75b9e6910a397e66a32d80eb00a16bc058a49ad984b06e1bd945b089780e65775f74bf5d508b63cd21e299559c866eed3e2f405d04477518971a000212389552
- SSDEEP
  
  24576:djG90oN2lj11mk/22yYzGrarZRm4X5Uh6rVh5LdfBwOyCSQM1fFhSWRAl1:BGtN2h1120R7m4XShYVxfBwrC21fXSN
Score

3^/10

discovery
behavioral13
- Target
  
  ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x86/vigembus.cat
- Size
  
  10KB
- MD5
  
  8b256522abf03790f9610a280442dd58
- SHA1
  
  3c45eed98538a4285fe7bd5d4bcd4cc36dc42cd4
- SHA256
  
  42c3332efd7a3b6862ff4ff56d027cf729897047e5a4a717dac29de3e87f81cd
- SHA512
  
  cf3f5d240c921dc38f21bfd909b8ba2589d7a0eaf795e3896d8f6c40e45cb060fe72bc1a2b3c501a9c6874bc2e17ac5c3b3323f7647b1c38ffe541d852021f6c
- SSDEEP
  
  192:c84IojFMQMGl7UKazgsxxmmKri9iHMyMXoRwH0JOqNG8Fp28Wh8n2kVe:puFMQM1K2XYmK+9T65JNNzFwhhi2ae
Score

8^/10
- Blocklisted process makes network request
behavioral14
- Target
  
  Carpetas de Archivos/X360CE - 32 Bits/x360ce.exe
- Size
  
  2.8MB
- MD5
  
  04ae76f89c99b8a225771f3702b1c858
- SHA1
  
  aff34cd0c77243e54b57ed2a55213159effb1f0e
- SHA256
  
  f54deb01f98614fd94eb2954e0c909b2518370d4286767cd265f77f6588bff9b
- SHA512
  
  985dad2372edf283e5c8068ee5c315b0e31f03bfe909a773cab31ceb1064308148f299008db488984853ca46fafdfe15abd1b2624ead8942425eb027737869e9
- SSDEEP
  
  49152:ol7PbfJJb4/WGhvbBJJb4/WGmJJb4/WGi0wr+CTZtvwZOP7UCqEJJK4//Gz:oVPXbbGNRbbGubbGiBr+AK+Gz
Score

4^/10

discovery
behavioral15
- Target
  
  Carpetas de Archivos/X360CE - 64 Bits/x360ce_x64.exe
- Size
  
  2.8MB
- MD5
  
  37793bbd313cfbc6b37054be4e2d6e32
- SHA1
  
  67e4965c019f23847d20fa2e4cc3f9687d0d23de
- SHA256
  
  b19cd47bdbdc061adef78ac0b624c9c3602bec8806a4541f67d0db08116766bb
- SHA512
  
  6f91ebad942e25bcefdf0bdc1d2857ed8fb439f0709702ca5ca2bfa27734c889fa1caaad6c4da8935a86e3293a678a933025579f4209ad22ae618f5bb0c90578
- SSDEEP
  
  49152:IhnPbfJJb4/WG/UbRJJb4/WGmJJb4/WGi0wr+CTZtOTQOYG7UCq3JJK4//GB:IVPXbbGshbbGubbGiBr+4NK+GB
Score

4^/10
behavioral16
- Target
  
  Carpetas de Archivos/devcon.rar
- Size
  
  22KB
- MD5
  
  9f7e510a5527724ce499e65977d35269
- SHA1
  
  41676b00113576be61a24b72e4107eeb5af2b5f7
- SHA256
  
  dfe459f6590c7d561af7949fb88b4c9c76af00df2e53169105670f053ecc9517
- SHA512
  
  b849d3618b8185022d35670186318752a9cd10d155930b620c3c0a6bda5a0329630d54089f51a30f04769b3e2f7edffe1d8481a7f57b5974060a3f1c07b8de2c
- SSDEEP
  
  384:dB2JRWgpBEKSvxK/dFUQOUoExAFnYr0A76zC+cgHJ4k50nWN7qzm4:fqrBEt0/jTx6nW0DzC+dV0WJKh
Score

3^/10
behavioral17
- Target
  
  devcon.exe
- Size
  
  80KB
- MD5
  
  2f429a7437b47ee774f9c7318b99aa0c
- SHA1
  
  0d130f602b69e533b75bc0b5ae6c735b3e7b1d1a
- SHA256
  
  6cdf9a5c39fc9e765cd7232bdb6aeaa3d2811bcbbf6875c4decc5d6c8bf308ea
- SHA512
  
  354abdf9d156636361665232abc2cae3eac731c3f50345804ab26aee619cb27c7e24b7493722e36e19df0bac122691e08db86753842c627a6b6325d26e22a407
- SSDEEP
  
  1536:sGdmm1zdwlinYnyxH0GSrFc5VfkuF4O7Wf:sGdsqZxM5cXkoRW
Score

1^/10
behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18