64.34.205.41 | IP address | PlugX C2 server
69.90.190.110 | IP address | PlugX C2 server
104.255.174.58 | IP address | PlugX C2 server

Source: https://www.secureworks.com/blog/bronze-president-targets-government-officials