Overview

overview

10

Static

static

3

e975d5b29d...18.exe

windows7-x64

10

e975d5b29d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e975d5b29d988929e5ad3a8fa19083d1_JaffaCakes118

  • Size

    252KB

  • Sample

    240918-s9bw9syhjc

  • MD5

    e975d5b29d988929e5ad3a8fa19083d1

  • SHA1

    b1043250c499ccf0ad56a688ccce662f42386869

  • SHA256

    dcff19fc193f1ba63c5dc6f91f00070e6912dcec3868e889fed37102698b554b

  • SHA512

    4546b300825fbf51525a01cca24f9f18ef65f36eff7ea3759b5f725fce92cd16ecac8f762b3066eee6930a721e3e72bd3b9a2d8bd80800050e71677ec40f13a8

  • SSDEEP

    6144:VmYFCN2tM+gfmkZxuMh2C30rzhDt7nLLzMCZf:VaAMFZxph2CkvhBLn

Score
10/10
plugxdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      e975d5b29d988929e5ad3a8fa19083d1_JaffaCakes118

    • Size

      252KB

    • MD5

      e975d5b29d988929e5ad3a8fa19083d1

    • SHA1

      b1043250c499ccf0ad56a688ccce662f42386869

    • SHA256

      dcff19fc193f1ba63c5dc6f91f00070e6912dcec3868e889fed37102698b554b

    • SHA512

      4546b300825fbf51525a01cca24f9f18ef65f36eff7ea3759b5f725fce92cd16ecac8f762b3066eee6930a721e3e72bd3b9a2d8bd80800050e71677ec40f13a8

    • SSDEEP

      6144:VmYFCN2tM+gfmkZxuMh2C30rzhDt7nLLzMCZf:VaAMFZxph2CkvhBLn

    Score
    10/10
    plugxdiscoverypersistencetrojan

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks