General

  • Target

    3377e94512bfb7dadbe466768ee6c9f748fd4441310a6d0a00d6a9b69b712d66

  • Size

    290KB

  • Sample

    220620-cp9pssbceq

  • MD5

    eff01fb621d82f1412489066d86247b2

  • SHA1

    fba07eaaf523295b390450ebe0c96566ac3bc468

  • SHA256

    3377e94512bfb7dadbe466768ee6c9f748fd4441310a6d0a00d6a9b69b712d66

  • SHA512

    1d0ee621d1ab8e88b145c8078842d6fc3445d56f2226741ada7c411ae745cac604bf6be61fad7a93a30126c7c28ae95f8929f08e78bc0b13a295035e817bac3f

Targets

    • Target

      Document_PDF.jar

    • Size

      290KB

    • MD5

      7bfad819ae8b0f593cc8ec98d0a82c80

    • SHA1

      68d8f13ff814d280c318f4dff4e39a12ef0f1125

    • SHA256

      3e3be478ed11688712adf7678bcec7b13b6d50d50d3223e799de0beafc364add

    • SHA512

      52612467f09be4becdff5d3de763a8a63281c5f66057867e63b9ed0e217154510047db1f3d0ab94a23d5799f15c8ba9ac302de517acd8d432b72f56d7d62708d

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
