plugx | af5182946b0a6bc0b457a048c133d5b23fa4ab2411f7833f0c5513a5994fc5f0 | Triage

Submit
Reports

Overview

overview

Static

static

3

cddfa154bb...18.exe

windows7-x64

cddfa154bb...18.exe

windows10-2004-x64

Sharing

General

Target

cddfa154bbe89d4627210eba087c3504_JaffaCakes118
Size

252KB
Sample

240901-aqv7pavarf
MD5

cddfa154bbe89d4627210eba087c3504
SHA1

eab98fc12e896f1e91960db2f7fb52c1b8767027
SHA256

af5182946b0a6bc0b457a048c133d5b23fa4ab2411f7833f0c5513a5994fc5f0
SHA512

8623f541c2722ea84befc9bb1f001c5e970eb936f254c9e39538749a3f3b0176cd3083c829662052048238c981a976a7f7306691cce6ea752ee508136dc0903a
SSDEEP

6144:uQi0K39IDPPa9U9NrByDqXzVvdUE7HCzMCZf:3E9IDXa9erEMzVXTs

Score

10^/10

plugx discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cddfa154bbe89d4627210eba087c3504_JaffaCakes118.exe

Resource

win7-20240708-en

plugx discovery trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

cddfa154bbe89d4627210eba087c3504_JaffaCakes118.exe

Resource

win10v2004-20240802-en

plugx discovery trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  cddfa154bbe89d4627210eba087c3504_JaffaCakes118
- Size
  
  252KB
- MD5
  
  cddfa154bbe89d4627210eba087c3504
- SHA1
  
  eab98fc12e896f1e91960db2f7fb52c1b8767027
- SHA256
  
  af5182946b0a6bc0b457a048c133d5b23fa4ab2411f7833f0c5513a5994fc5f0
- SHA512
  
  8623f541c2722ea84befc9bb1f001c5e970eb936f254c9e39538749a3f3b0176cd3083c829662052048238c981a976a7f7306691cce6ea752ee508136dc0903a
- SSDEEP
  
  6144:uQi0K39IDPPa9U9NrByDqXzVvdUE7HCzMCZf:3E9IDXa9erEMzVXTs
Score

10^/10

plugx discovery trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

plugxdiscoverytrojan

behavioral2

plugxdiscoverytrojan

© 2018-2024

Terms | Privacy