plugx | 0e494e451e402ab67b754b81a933600fe49c71a780c9aebb85153708938ba3b2 | Triage

Submit
Reports

Overview

overview

Static

static

3

ToDeSK_X64....7.exe

windows7-x64

ToDeSK_X64....7.exe

windows10-2004-x64

Sharing

General

Target

ToDeSK_X64_4.7.4.7.exe.v
Size

56.3MB
Sample

240915-vpe5asteph
MD5

9909bb084a348057725ad3e8ddb0a0e5
SHA1

ccb9413442b58b3d34ac9299a82cd721c1acea29
SHA256

0e494e451e402ab67b754b81a933600fe49c71a780c9aebb85153708938ba3b2
SHA512

a7fc3a92a65f3b4f2d86138960ccaef2b9d1d44a02e0bf18a1d07f9687e15bcf390e3eb966fcfcbe7b940d60e455488f3e01d344fd7f3672d258e45db12ec404
SSDEEP

786432:MF0RxYqkGWDfPUzHixmoxlKG/zUmKGCM5jz44CrM9qAG9uE0wj0YM2xmoxsfrXC2:A6kGMsH8m+ZKHMdC4989OwjEznjXDn

Score

10^/10

plugx discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ToDeSK_X64_4.7.4.7.exe

Resource

win7-20240903-en

plugx discovery trojan

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

ToDeSK_X64_4.7.4.7.exe

Resource

win10v2004-20240802-en

plugx discovery trojan

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  ToDeSK_X64_4.7.4.7.exe.v
- Size
  
  56.3MB
- MD5
  
  9909bb084a348057725ad3e8ddb0a0e5
- SHA1
  
  ccb9413442b58b3d34ac9299a82cd721c1acea29
- SHA256
  
  0e494e451e402ab67b754b81a933600fe49c71a780c9aebb85153708938ba3b2
- SHA512
  
  a7fc3a92a65f3b4f2d86138960ccaef2b9d1d44a02e0bf18a1d07f9687e15bcf390e3eb966fcfcbe7b940d60e455488f3e01d344fd7f3672d258e45db12ec404
- SSDEEP
  
  786432:MF0RxYqkGWDfPUzHixmoxlKG/zUmKGCM5jz44CrM9qAG9uE0wj0YM2xmoxsfrXC2:A6kGMsH8m+ZKHMdC4989OwjEznjXDn
Score

10^/10

plugx discovery trojan
- Detects PlugX payload
- PlugX
  PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
  trojan plugx
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

plugxdiscoverytrojan

behavioral2

plugxdiscoverytrojan

© 2018-2024

Terms | Privacy