PlugX Tracker - PlugX Malware Corpus

PlugX chronicles
Corpus of SETUP
DLL
EXE
Payload
DOC
About

Corpus
Virustotal
Malwr
Totalhash
ThreatExpert
Eureka
Hybrid Analysis
Anubis
First SeenSample MD5File NameFile SizeFile TypeMutexpehashimphash
N
Y
N
N
N
 N
N
N
2015-10-05 11:53
dc67da8e12bfe714cadc19bd8f9213f7
 iPAQDetetion2.exe 149048 13
db4c9c7654b9c4022752705cd1c8c5c7
N
N
N
N
N
 N
N
N
2015-09-21 16:39
a88c4f54794769bcbc9f41bdcdc00552
 fsguidll.exe 13
N
N
N
N
N
 N
N
N
2015-09-21 14:49
40d0f83ccc6f811c9684780acb5f67e2
N
Y
N
N
N
 N
Y
N
2015-08-07 09:56
5710d567d98a8f4a6682859ce3a35336
 PerformanceServer.exe 21872 13
da383e06b85588afc05d93fc04ab8c13
N
Y
N
N
N
 N
Y
N
2015-02-05 11:09
76a7eeb9d4a6bec3a2361916f89703fe
 RasTls.exe 81920 13
28f78a9830fd768eb84188339a03053e
N
Y
N
N
N
 N
N
N
2014-07-29 09:28
3055b6a64a8d9c7b02d6a54dc6ad92ae
 RasTls.exe 104960 13
a8a20d7db2ee7cd1a85074534adab9f4
Y
Y
Y
N
N
 N
N
N
2014-05-17 08:03
e9e925f211e7e1cf485405367d291ffa
 setup_mcs.exe 459763 13
585bb0ca85d277e7476ca35882879c202fa2adc7
3eaa732d4dae53340f9646bdd85dac41
N
Y
N
N
N
 N
N
N
2014-04-11 11:50
37e3cbc755187b3cf71b9b871e0ca3c5
 hpcustparticui.exe 514568 13
8857232077b4b0f0e4a2c3bb5717fd65079209784f41694f8e1b469e34754cf6[708]RegValuesLock
d031f6a628e1b9f6be2044a82d64ae29
N
Y
N
N
N
 N
N
N
2014-03-23 13:03
9d04bd9a340eca1b92fe05755e9b349a
 setup.exe 805544 13
7efb0544f35de181b6f1a663416fa3da
Y
Y
N
N
N
 N
N
N
2013-06-03 23:58
b1ce445e98f78bc563703aa0b1788aa8
 loginblocker.exe 175768 13
b96e8258a797d02da8297a6cbd24ee58bd2fed18
Y
Y
N
N
N
 N
N
N
2013-05-11 13:33
08f4f5250a3423bfb8c0729d19b14f56
 time.exe 96648 13
c9b86201ff56441a246df4d082a186b156342c31
9476e2451f37234d2fc413479b75610b
Y
Y
N
N
N
 N
Y
N
2012-12-18 23:56
89d0a9ad7eeece9a2ab3d8ab6722c9b3
 msinfo.exe 70632 13
ef97cd39d19c743ba2b242c2d2cbffc05307a24c
26b0e041a8d52cd77b981e63520c91f8
Y
Y
N
N
N
 N
N
N
2012-09-13 23:07
0d58e5f4e82539de38ba7f9b4a8dda12
 vti-rescan 173592 13
bbc29a3c9f44bbf2f3b9c976ec9a94e9581787be
6d7a6641c4401973050d7711ad00a347
N
Y
N
N
N
 N
Y
N
2012-07-28 02:00
6b97b3cd2fcfb4b74985143230441463
 Gadget.exe 26112 13
ba47a0478b3cdd3b7d2c2438b409a2ca
N
Y
N
N
N
 N
Y
N
2011-06-02 07:29
09b8b54f78a10c435cd319070aa13c28
 Nv.exe 47208 13
df7251fdce5e0d0813311ec9d52fde93
N
Y
N
N
N
 N
Y
N
2011-04-15 22:48
8ddc664747b4c424c4ed576362134f3c
 RunHelp.exe 120688 13
e3a8d6044e91253bb5c00fb6a4a93530
Y
Y
N
N
N
 N
Y
N
2011-02-11 03:59
71a2d4155d4e320a0435e5081f55f77a
 AFLogVw.exe 224992 13
ATEtcLoadLibrary-BADBCCA6-F410-403c-B926-E8CA1DE1A138
83e96e0f539f4f3a2cf96193074ccdbef1f6badd
4b9e956275afb299131b463c62011af9
N
Y
N
N
N
 N
N
N
2010-12-06 06:39
798c0c1ff4e0fce646ca82ae0379ccb0
 ALSMTray.exe 84584 13
1c7dc97e7324bbe4574e02f5642a6fbc
N
Y
N
N
N
 N
Y
N
2010-10-02 23:19
ce2ae795117e54ca8403f86e7a3e19a7
 DNSBench.exe 167296 13
RasPbFile
a47325e6eaa46d0dcab30193049c1232
N
Y
N
N
N
 N
N
N
2010-07-09 13:56
d1e6767900c85535f300e08d76aac9ab
 OleView.exe 190824 13
56d6eb0dfb1b0962771c2db6a311de25
N
Y
N
N
N
 N
N
N
2010-03-30 18:53
d9978f95ce30e85943efb52c9c7d731b
 tplcdclr.exe 38856 13
e13f6e23f3033635967a979015ffda8e
N
Y
N
N
N
 N
Y
N
2009-11-19 20:14
0cc908604a154416ccdff938328bb7d7
 SETUP.EXE 59992 13
65a6823955ca33dd9b88bd9c0eb5a258
N
Y
N
N
N
 N
N
N
2009-09-02 16:22
ce94cfaf83b76a0320cf7a4887ed1da2
 vsll19ct.0el 73528
27e7c37150ea701e486a68935187e9de
N
Y
N
N
N
 N
N
N
2009-08-29 19:58
23f2c3dbdb65c898a11e7f4ddc598a10
 hkcmd.exe 173592 13
6d7a6641c4401973050d7711ad00a347
N
Y
N
N
N
 N
Y
N
2009-05-22 20:14
ad928330ab977ddebb8d698edd9f0ae1
 finder.exe 17248 13
6dbc019aeb0763861aafc393ddde4bee
Y
Y
N
N
N
 N
Y
N
2009-05-13 23:56
4e1e0b8b0673937415599bf2f24c44ad
 Mc.exe 262672 13
ec3b874e4ffd94ecd5f1859b9e5928ed0fbdd9db
81967152d640ee7c48f1909c8dd56342
N
Y
N
N
N
 N
N
N
2009-05-11 12:57
eb2f439c4471b4bd6227e23514f748d0
 netstat.exe 36864 13
9b2e0e6048c9be88c7fb33585f4e1f8a
Y
Y
N
N
N
 N
N
N
2009-05-01 15:34
e8f06a6b962194d7aed699fe8039e6c9
 mcupdui.exe 378088 13
1a38ed6548cbab6803eb978b77b0678b1bea6a24
d5f2d90afa6dca710513d35fb87ea150
N
Y
N
N
N
 N
Y
N
2009-03-23 07:15
9459478ab9a9b996de683789f77b185c
 fsavstrt.exe 55904 13
9a7f10060cd7b11ff1893e5043727e7b
Y
Y
N
N
N
 N
Y
N
2009-02-01 22:42
62944e26b36b1dcace429ae26ba66164
 RasTls.exe 107848 13
5fc4ebb7d501fd0e17f58e1d6506abc3e87250bd
94960a8ac26bccc07e243137c9de40d8
Y
Y
N
N
N
 N
Y
N
2008-08-06 20:50
d00b3169f45e74bb22a1cd684341b14a
 setup.exe 34424 13
7eaf207dd18517c8b90c0bb9773c1f4d74cf3ca0
c2571dceb4b8006d8ee52034fe3f6ba8
Y
Y
N
N
N
 N
N
N
2008-07-10 21:00
3e7ac95808b5f76ce6a49ce36089a5fc
 AhnI2.exe 228000 13
781e0eb3c70156ad63cabd2b3f84f36ef4c2ddaf
3f985a92716c2b1a61155f11f09be37c
Y
Y
N
Y
N
 N
Y
N
2008-06-12 13:40
884d46c01c762ad6ddd2759fd921bf71
 setup_mcf.exe 140576 13
3a72a4b2ae1f005f4e81bce10a6599f742772ebe
ac47816cb3b9e4c3eb12fb787def0915
Y
Y
Y
N
N
 N
Y
N
2008-04-05 02:09
2d7a648ebe64e536944c011c8dcbb375
 fsguidll.exe 465504 13
bb3cb49181651d3519ca1e824b1e4cc62b2b0a02
341df4983270df6d677da872c342a024
Y
Y
N
N
N
 N
N
N
2008-01-19 08:38
64ff0a8730472e36e62ce29a20f61529
 ARO.exe 71072 13
e0cb973bec339a5c77ded017b4d833f8e0acdc14
5b7477f8c6bf8d17f125a9424fe4bf92
Y
Y
N
N
N
 N
N
N
2007-05-10 13:44
9211c12a06232efa8f61ff1aa7a6f83e
 DSSM.EXE 121688 13
bf6168da2465189610410ed8f357d968aec933f6
bce7d88b372bda94d6a5c3cbd25381d9
Y
Y
N
N
N
 N
Y
N
2007-04-20 06:04
5730866b34ef589bd398c9a9b6d7e307
 sx.exe 390496 13
Global_Office11_Setlang
6f94c67d3f253f6654f44ebf90b4c9efe1c11d89
faa4a507e31e9c82c2b6fae4fe9e7928
Y
Y
N
N
Y
 N
N
N
2006-08-14 16:52
c1b15b6f86984eb44337053144f664a2
 EmpPrx.exe 337488 13
f6789ee04a29857d1601e5b682d864ac05896b47a86a9f41d518b3770c1a904f_CAD0E02E86CD4436B6318C111B9092AC
cc61233ce3b5d859881a0cc0bc32096962ed1237
887e716bb513f457b1ebb4aebd3abf8e
Y
Y
N
N
N
 N
N
N
2006-03-17 06:35
f3eef6f636a08768cc4a55f81c29f347
 fsstm.exe 31984 13
f2002c0f2ecf581ffd16d68f69d057c264a5c8e6
1a2997342bdf21a72a3b569bd39fbaa8

Displayed 39 samples