Overview

overview

10

Static

static

10

VDX.exe

windows7-x64

3

VDX.exe

windows10-2004-x64

3

VDX_x64.exe

windows7-x64

1

VDX_x64.exe

windows10-2004-x64

1

ViGEmBusDr...us.sys

windows10-2004-x64

1

ViGEmBusDr...09.dll

windows7-x64

1

ViGEmBusDr...09.dll

windows10-2004-x64

1

ViGEmBusDr...us.sys

windows10-2004-x64

1

ViGEmBusDr...09.dll

windows7-x64

3

ViGEmBusDr...09.dll

windows10-2004-x64

3

Carpetas d...ce.exe

windows7-x64

3

Carpetas d...ce.exe

windows10-2004-x64

3

Carpetas d...64.exe

windows7-x64

7

Carpetas d...64.exe

windows10-2004-x64

1

devcon.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c

  • Size

    5.3MB

  • Sample

    240802-m5hlcswamn

  • MD5

    13a8c7f593762d7d05d025358550367b

  • SHA1

    9bb7b8bafda58ea1f144eca202b26a8b4d939904

  • SHA256

    8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c

  • SHA512

    0492b3fd2cbf11f5a0b4630c985a55abcee0ce649089da22d81a35747cb8f45113c19713480f9cc3dda3d21048f985c1c523d29322919bdcf674cc3282843a65

  • SSDEEP

    98304:GuGNSE1YoL/GizoQO1iL54S3Fo2d+06CX4LBkWafq8oLPN/livrnD9GAs:X49yUGizoFi5d3Fov1+WeqjPN/+Fs

Score
10/10
ploutusdiscovery

Malware Config

Targets

    • Target

      VDX.exe

    • Size

      571KB

    • MD5

      0ec433ebd5142b440a974b4872a1d1bd

    • SHA1

      92a802eb6db2cab4cd1d97000fb05d8d99c44a3c

    • SHA256

      d955ff9b4109095f65858989c68c226305d25e6148f63fecd10a850503fd0e17

    • SHA512

      ac68a264d4ccc198bcd2c96b45147eeafeb9b2274ef62522d55ddb96446a19d45bf4379ce9934212c3160602945a3a251fb709249aaf143dcf05c8df27403e7a

    • SSDEEP

      6144:48dOj0l/h2gzKtTFg6ICZgzEQ6+F1h3ZmkDiRFzD9Mxu32RFYKvq2MZ12cPz+P8:xOwlp2gz4Rg6LZ/+h3ZVit32RaKvgy8

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      VDX_x64.exe

    • Size

      614KB

    • MD5

      21f0b42cdba178b58450899574380b18

    • SHA1

      189f0f6e23203575b8f59b8f74312605fc7197b7

    • SHA256

      b39ceac62b08091d06811de9ba3542ffaca6e45fef79e918a4c24fdb2dcdbb6c

    • SHA512

      d08e92a7d391250b74d6297c8c157c77279c17a605b3687c0f15d13a8a94f99ef17373216840de1e936ce621162645500202a1179a62269d9c5209d7dfffe5af

    • SSDEEP

      12288:klF0z4l8BnZ6V2JnPei7JfnmuN3xoI9Yq0gKvgy:klFuZ6V6nWi7JfnmuN3p990ho

    Score
    1/10
    behavioral3behavioral4

    • Target

      ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/ViGEmBus.sys

    • Size

      52KB

    • MD5

      e4a203f7a9e7d8aa9bf00cc01d1aa9f9

    • SHA1

      f3ccd5cbbd7bcee4c6e18b543961a0e62f4fd1f2

    • SHA256

      cc2ee46d090e5fef4c87d13b370dca53b71c292186f845bb4afab5bc5539d1b4

    • SHA512

      eae943fbf2c20cb3ef4d0cd071996922e5b8506409190f1ddbb04f65001042b33368fd3691e575192b4530198ee2afe48cde281e877b41364aab3358b04e9b23

    • SSDEEP

      768:oDlFUmL5XjvV4r6YWQcVumZipPMJH0LpVnGXeGR5WFGcyWR13fM0jI2O33whGV:olt9TVoptM+9Vqea5WFGcyWR1EoHughw

    Score
    1/10
    behavioral5

    • Target

      ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/WdfCoinstaller01009.dll

    • Size

      1.7MB

    • MD5

      d394a3ae079564895ffac936c4b8f8cc

    • SHA1

      d008ed4c8aed6c2e1fd664ccfa4dd03a2bf7af73

    • SHA256

      289c93ccf3295ffdd546302a6688761f2c5f490c3b8240bde13696c242206258

    • SHA512

      197fca3bedebf124b2812352735b2de1a7e89fefa1b7263801d4d240ee1a251cd164fd4ada7db34f7aca41b7de4e5b65d11abfae732206d2f53bffff12971aa7

    • SSDEEP

      24576:wU4MsColC6Je/ZgY7OOfcEpiRLH87SyVXGe38uKUj+NFVov1PJLfVKZ8F5mEeZW3:pFCsfZRZA6Xn388avVovfLd+Mo4iE3

    Score
    1/10
    behavioral6behavioral7

    • Target

      ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x86/ViGEmBus.sys

    • Size

      47KB

    • MD5

      3dc219a6184096ad4dca69aee0012ab3

    • SHA1

      56d232daad01982fc53f42567fcc5a2cfc34cf93

    • SHA256

      7acbf5c201a565122d06b9f9725720f745fb9cb309b73b633b7a97efee69cea6

    • SHA512

      9c07895382d5496176343d4b83c6f2369ed2b1c43ac915aedea3e2ac4bbeb26b25e065e04bbd9bcd52bfbbc02c59c5a233f9cc5d4a7c4ed0f2b515f57dcb869b

    • SSDEEP

      768:KrIXKjBN4rm/dcSKIcyleyLJGcyixAR13tqHBaMI2OYc3wheZ:KrCK1Grm0ylVLJGcypR1MFH8gheZ

    Score
    1/10
    behavioral8

    • Target

      ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x86/WdfCoinstaller01009.dll

    • Size

      1.4MB

    • MD5

      cde6594380b7f27a109c274a51f86772

    • SHA1

      06ad9d024c25b58a5e88bec8b3f93e98b01a4d37

    • SHA256

      31a38dd8d49eab4ac7eea4cb1d7930b0984bf780f0ab6d0576f40150842ef5bf

    • SHA512

      75b9e6910a397e66a32d80eb00a16bc058a49ad984b06e1bd945b089780e65775f74bf5d508b63cd21e299559c866eed3e2f405d04477518971a000212389552

    • SSDEEP

      24576:djG90oN2lj11mk/22yYzGrarZRm4X5Uh6rVh5LdfBwOyCSQM1fFhSWRAl1:BGtN2h1120R7m4XShYVxfBwrC21fXSN

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      Carpetas de Archivos/X360CE - 32 Bits/x360ce.exe

    • Size

      2.8MB

    • MD5

      04ae76f89c99b8a225771f3702b1c858

    • SHA1

      aff34cd0c77243e54b57ed2a55213159effb1f0e

    • SHA256

      f54deb01f98614fd94eb2954e0c909b2518370d4286767cd265f77f6588bff9b

    • SHA512

      985dad2372edf283e5c8068ee5c315b0e31f03bfe909a773cab31ceb1064308148f299008db488984853ca46fafdfe15abd1b2624ead8942425eb027737869e9

    • SSDEEP

      49152:ol7PbfJJb4/WGhvbBJJb4/WGmJJb4/WGi0wr+CTZtvwZOP7UCqEJJK4//Gz:oVPXbbGNRbbGubbGiBr+AK+Gz

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      Carpetas de Archivos/X360CE - 64 Bits/x360ce_x64.exe

    • Size

      2.8MB

    • MD5

      37793bbd313cfbc6b37054be4e2d6e32

    • SHA1

      67e4965c019f23847d20fa2e4cc3f9687d0d23de

    • SHA256

      b19cd47bdbdc061adef78ac0b624c9c3602bec8806a4541f67d0db08116766bb

    • SHA512

      6f91ebad942e25bcefdf0bdc1d2857ed8fb439f0709702ca5ca2bfa27734c889fa1caaad6c4da8935a86e3293a678a933025579f4209ad22ae618f5bb0c90578

    • SSDEEP

      49152:IhnPbfJJb4/WG/UbRJJb4/WGmJJb4/WGi0wr+CTZtOTQOYG7UCq3JJK4//GB:IVPXbbGshbbGubbGiBr+4NK+GB

    Score
    7/10

    • Loads dropped DLL

    behavioral13behavioral14

    • Target

      devcon.exe

    • Size

      80KB

    • MD5

      2f429a7437b47ee774f9c7318b99aa0c

    • SHA1

      0d130f602b69e533b75bc0b5ae6c735b3e7b1d1a

    • SHA256

      6cdf9a5c39fc9e765cd7232bdb6aeaa3d2811bcbbf6875c4decc5d6c8bf308ea

    • SHA512

      354abdf9d156636361665232abc2cae3eac731c3f50345804ab26aee619cb27c7e24b7493722e36e19df0bac122691e08db86753842c627a6b6325d26e22a407

    • SSDEEP

      1536:sGdmm1zdwlinYnyxH0GSrFc5VfkuF4O7Wf:sGdsqZxM5cXkoRW

    Score
    1/10
    behavioral15

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

3
T1614

System Language Discovery

3
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks