adwind | 8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88 | Triage

Submit
Reports

Overview

overview

Static

static

8459965329...88.jar

windows7_x64

1

8459965329...88.jar

windows10-2004_x64

Sharing

General

Target

8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88
Size

62KB
Sample

220520-2lxy9safcm
MD5

e0b96fd8590ee49258f39eaebf8df251
SHA1

d9485c70b5e939b536a993997e7b53098f51025b
SHA256

8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88
SHA512

91e3fda821b4ad5626110063e31d20b5b58dbde05e043697a866fd278a58bdb55c2ff4f104e8bf44014b890a392581a7817320e1528b9517ec85026a70b45384

Score

10^/10

adwind evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88.jar

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88.jar

Resource

win10v2004-20220414-en

adwind evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88
- Size
  
  62KB
- MD5
  
  e0b96fd8590ee49258f39eaebf8df251
- SHA1
  
  d9485c70b5e939b536a993997e7b53098f51025b
- SHA256
  
  8459965329622cb67c7d3fe397ed100a25b57ee3e9f7695b4db0ddaa94035e88
- SHA512
  
  91e3fda821b4ad5626110063e31d20b5b58dbde05e043697a866fd278a58bdb55c2ff4f104e8bf44014b890a392581a7817320e1528b9517ec85026a70b45384
Score

10^/10

adwind evasion persistence trojan
- AdWind
  A Java-based RAT family operated as malware-as-a-service.
  trojan adwind
- JAR file contains resources related to AdWind
  This JAR file potentially contains loader stubs used by the AdWind RAT.
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

adwindevasionpersistencetrojan

© 2018-2024

Terms | Privacy