Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

0b3fd64713...2b.exe

windows7-x64

10

0b3fd64713...2b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b3fd64713282aa0c31877bb1078ead1677f25b83e71cd73720ad02eea1bf92b

  • Size

    227KB

  • Sample

    250103-t9w3watkdt

  • MD5

    058f639ccb210210a0f8e4441ac2dd31

  • SHA1

    c8037330b9df11a524191583243fdc558738785e

  • SHA256

    0b3fd64713282aa0c31877bb1078ead1677f25b83e71cd73720ad02eea1bf92b

  • SHA512

    668b12f0e09ac99d99d9cef83dec7ed08f4ac2786c38986a0619ad9e984be732b786fd164c91d4204ad44d65b9251b5895db4224bc975d30426b08d324d60b0b

  • SSDEEP

    6144:uLkD+fqCNAl8aVuMULdQrdas2gQntcgMly5CjrjZZ6AnRl:uYD+iCNAl/HULdQrRfQnegMlcCjeAnRl

Score
10/10
plugxdiscoverytrojan

Malware Config

Targets

    • Target

      0b3fd64713282aa0c31877bb1078ead1677f25b83e71cd73720ad02eea1bf92b

    • Size

      227KB

    • MD5

      058f639ccb210210a0f8e4441ac2dd31

    • SHA1

      c8037330b9df11a524191583243fdc558738785e

    • SHA256

      0b3fd64713282aa0c31877bb1078ead1677f25b83e71cd73720ad02eea1bf92b

    • SHA512

      668b12f0e09ac99d99d9cef83dec7ed08f4ac2786c38986a0619ad9e984be732b786fd164c91d4204ad44d65b9251b5895db4224bc975d30426b08d324d60b0b

    • SSDEEP

      6144:uLkD+fqCNAl8aVuMULdQrdas2gQntcgMly5CjrjZZ6AnRl:uYD+iCNAl/HULdQrRfQnegMlcCjeAnRl

    Score
    10/10
    plugxdiscoverytrojan

    • Detects PlugX payload

    • PlugX

      PlugX is a RAT (Remote Access Trojan) that has been around since 2008.

      trojanplugx

    • Plugx family

      plugx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks