Trojan.Slugin.B

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 14,187
Threat Level: 80 % (High)
Infected Computers: 280
First Seen: July 12, 2021
Last Seen: April 1, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Slugin.B
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Company Name: MySQL AB
File Description: Administrator Tool for Win32
File Version: 1.0.0.0
Internal Name: WinMySQLadmin
Legal Copyright: Read Public File
Product Name: WinMySQLadmin
Product Version: 1.0.0.0

File Traits

  • 2+ executable sections
  • big overlay
  • BINinO
  • HighEntropy
  • Installer Manifest
  • MZ (In Overlay)
  • nosig nsis
  • No Version Info
  • SusSec
  • x86

Files Modified

File | Attributes
\device\namedpipe\gmdasllogger | Generic Write, Read Attributes
c:\users\user\appdata\roaming\wplugin.dll | Generic Read, Write Data, Write Attributes, Write extended, Append data
c:\windows\wplugin.dll | Generic Read, Write Data, Write Attributes, Write extended, Append data, Delete, LEFT 262144

Windows API Usage

Process Manipulation Evasion: ReadProcessMemory
Anti Debug: IsDebuggerPresent
User Data Access: GetUserObjectInformation
