General

  • Target

    3e3be478ed11688712adf7678bcec7b13b6d50d50d3223e799de0beafc364add

  • Size

    290KB

  • Sample

    220620-cp76zadgb7

  • MD5

    7bfad819ae8b0f593cc8ec98d0a82c80

  • SHA1

    68d8f13ff814d280c318f4dff4e39a12ef0f1125

  • SHA256

    3e3be478ed11688712adf7678bcec7b13b6d50d50d3223e799de0beafc364add

  • SHA512

    52612467f09be4becdff5d3de763a8a63281c5f66057867e63b9ed0e217154510047db1f3d0ab94a23d5799f15c8ba9ac302de517acd8d432b72f56d7d62708d

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
