Overview

overview

10

Static

static

5.jar

windows7_x64

10

5.jar

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5.jar

  • Size

    630KB

  • Sample

    210420-l8k7zkcf92

  • MD5

    085dc6e275b50f45fc1e7973d44af68e

  • SHA1

    94cc43999b1104829fa0ddf16710fcc65f221731

  • SHA256

    7c7d68c4590327e3c3b7ca47d8d1b6b6554a07940e4a7dadeb65534babd5d866

  • SHA512

    188b37b6ae96d27e29377da18da4faabc0bceeeb82baf53b9e0fbcf99d02a14b5ddbd8220d2a5fb762d5b0bbea474587c75ee572f8673f46eb343dae0ea17905

Score
10/10
adwindevasionpersistencetrojan

Malware Config

Targets

    • Target

      5.jar

    • Size

      630KB

    • MD5

      085dc6e275b50f45fc1e7973d44af68e

    • SHA1

      94cc43999b1104829fa0ddf16710fcc65f221731

    • SHA256

      7c7d68c4590327e3c3b7ca47d8d1b6b6554a07940e4a7dadeb65534babd5d866

    • SHA512

      188b37b6ae96d27e29377da18da4faabc0bceeeb82baf53b9e0fbcf99d02a14b5ddbd8220d2a5fb762d5b0bbea474587c75ee572f8673f46eb343dae0ea17905

    Score
    10/10
    adwindevasionpersistencetrojan

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

      trojanadwind

    • Disables use of System Restore points

      evasion

    • Sets file execution options in registry

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks