Overview

overview

10

Static

static

3

ToDesk_x64....8.exe

windows7-x64

10

ToDesk_x64....8.exe

windows10-2004-x64

10

Resubmissions

24-09-2024 08:26

240924-kcchja1cla 10

19-09-2024 16:17

240919-trjptsybql 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ToDesk_x64_4.7.4.8.exe.v

  • Size

    56.3MB

  • Sample

    240919-trjptsybql

  • MD5

    e43eaf8183e538eb28e5dfd31ba074bc

  • SHA1

    4d90bca79dbb3994fc1cf99921b1942520bee490

  • SHA256

    3771d6a0594a42845193f182b177151b295e458f17749e74ae5a5320210a2fe8

  • SHA512

    d43c32749ff1db235f063cc071c33af41dde25fd1c92d1fb670ad8ee0c5b7ab24f172138d7a18b0f61d9e4e959d4b765965ca3e38f0aa9cbb4e51125d6de70a5

  • SSDEEP

    1572864:A4959RiO7XJ5d5crS8/JruPXzKgz5zejq4/OiV0xNnw:lT7XJ5gTJrOzKs5y//OiVwZw

Score
10/10
plugxdiscoverytrojan

Malware Config

Targets

    • Target

      ToDesk_x64_4.7.4.8.exe.v

    • Size

      56.3MB

    • MD5

      e43eaf8183e538eb28e5dfd31ba074bc

    • SHA1

      4d90bca79dbb3994fc1cf99921b1942520bee490

    • SHA256

      3771d6a0594a42845193f182b177151b295e458f17749e74ae5a5320210a2fe8

    • SHA512

      d43c32749ff1db235f063cc071c33af41dde25fd1c92d1fb670ad8ee0c5b7ab24f172138d7a18b0f61d9e4e959d4b765965ca3e38f0aa9cbb4e51125d6de70a5

    • SSDEEP

      1572864:A4959RiO7XJ5d5crS8/JruPXzKgz5zejq4/OiV0xNnw:lT7XJ5gTJrOzKs5y//OiVwZw

    Score
    10/10
    plugxdiscoverytrojan

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks