ploutus | 0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889 | Triage

Submit
Reports

Overview

overview

Static

static

0e37b8a671...89.exe

windows7-x64

0e37b8a671...89.exe

windows10-2004-x64

Sharing

General

Target

0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889.exe
Size

199KB
Sample

240824-ebe95stbrr
MD5

1876442db107de88ad1dd01cb6c764a3
SHA1

232163c4c6e6455d22c57453166269dbf3140692
SHA256

0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889
SHA512

d8d7e12ffa90bf7b55250a0548bbc0586b132461b1e4b213e3a44cb8942c8f503c165614fc3c6ad7c1955fd216b3bdeede827ec70a98d589f88b7ded53a45432
SSDEEP

3072:zqODUQEEqx+IlkVz1QOFTas5+U1o3I3WAc51zHT29HTBXNUpY4aqf:z5DUQEEqxnEz1lOA+UrcLHTQFXN

Score

10^/10

ploutus atm backdoor discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889.exe

Resource

win7-20240729-en

ploutus atm backdoor discovery

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889.exe

Resource

win10v2004-20240802-en

ploutus atm backdoor discovery

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889.exe
- Size
  
  199KB
- MD5
  
  1876442db107de88ad1dd01cb6c764a3
- SHA1
  
  232163c4c6e6455d22c57453166269dbf3140692
- SHA256
  
  0e37b8a6711a3118daa1ce2e2f22c09b3f3c6179155b98215a1d96a81c767889
- SHA512
  
  d8d7e12ffa90bf7b55250a0548bbc0586b132461b1e4b213e3a44cb8942c8f503c165614fc3c6ad7c1955fd216b3bdeede827ec70a98d589f88b7ded53a45432
- SSDEEP
  
  3072:zqODUQEEqx+IlkVz1QOFTas5+U1o3I3WAc51zHT29HTBXNUpY4aqf:z5DUQEEqxnEz1lOA+UrcLHTQFXN
Score

10^/10

ploutus atm backdoor discovery
- Ploutus
  Ploutus is an ATM malware written in C#.
  backdoor atm ploutus
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Account Manipulation

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Permission Groups Discovery

Local Groups

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

ploutusatmbackdoordiscovery

behavioral2

ploutusatmbackdoordiscovery

© 2018-2024

Terms | Privacy