Legacy Threat: PlugX Builder/Controller Discovered in Open Directory
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 07891e60-d2e2-4366-9980-644cd3c607c8 |
| Fingerprint | b534ba5be6e38681 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 3, 2024, midnight |
| Added to db | Oct. 9, 2024, 8:27 p.m. |
| Last updated | Nov. 14, 2024, 11:50 p.m. |
| Headline | Legacy Threat: PlugX Builder/Controller Discovered in Open Directory |
| Title | Legacy Threat: PlugX Builder/Controller Discovered in Open Directory |
| Detected Hints/Tags/Attributes | 54/2/29 |
Source URLs
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | hunt.io | hunt.io |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 74 | adodb.stream |
|
| Details | Domain | 57 | hunt.io |
|
| Details | File | 1 | wmiplayer.exe |
|
| Details | File | 21 | m.exe |
|
| Details | File | 3 | 111.exe |
|
| Details | File | 5 | mc.exe |
|
| Details | File | 12 | mcutil.dll |
|
| Details | File | 44 | payload.bin |
|
| Details | File | 1 | sweetpotatos.exe |
|
| Details | File | 1 | mcd.txt |
|
| Details | File | 1 | mce.txt |
|
| Details | File | 1 | mcp.txt |
|
| Details | File | 1 | online.dat |
|
| Details | File | 3 | instructions.exe |
|
| Details | File | 1 | update_original.exe |
|
| Details | File | 59 | 2.exe |
|
| Details | File | 1 | lable.ico |
|
| Details | File | 36 | 1.jpg |
|
| Details | File | 1 | fscan.rar |
|
| Details | File | 1 | lable.rar |
|
| Details | File | 96 | rar.exe |
|
| Details | File | 1 | x3avast.exe |
|
| Details | sha256 | 1 | 1c3954b25fe7d32b72c8c8d7d9b6a1a3b9ff4d175b55cbaade435e0c770d0595 |
|
| Details | sha256 | 1 | 3a5088295708d3304f06de0499b9243bfbd68d14878615c531f0e346f47b389d |
|
| Details | sha256 | 1 | 01f11f89c1ef84e60068e60a6d9dff2d2277341673a981ecbf864dcaf72e7f30 |
|
| Details | sha256 | 1 | 76d590c38387f6042ad39b20cd86ea5a0f2632889e4dd18d67d2a7a188d20890 |
|
| Details | sha256 | 1 | 285f9d4a3d5511e68ccc9ff14f209ac6cfdc0c3a51063d217190d5b8d49c2e47 |
|
| Details | sha256 | 1 | a9cec009503d067f241b5eddaea4e42c38edcb0b57c1b46e946c5281b7f1ea21 |
|
| Details | sha256 | 1 | b150773df7b525ce2b70822a06c06241f251eae96c9ee12fc97776d3826d36a7 |