General

  • Target

    IMG-8487575764-INVOICE-ORDER-PDF.jar

  • Size

    625KB

  • Sample

    220620-rcre1sdfhr

  • MD5

    daa1c32ef9e2e9a40bf681ffdd39d1b7

  • SHA1

    ae25896d315239053094cc5647876a90261e0d82

  • SHA256

    8752adfcb12af2daf3bff72ab52a4c95a0954fbdff7d6c1361c847c25f579466

  • SHA512

    231812ee915a5315a304558a54ae3f58c4b91396583219f72ce35ed0f712f678cd032d5e2802be6966e79f8abb0b84e9acc28729ecc352094508232783df9a95

Score
10/10

Targets

    • Target

      IMG-8487575764-INVOICE-ORDER-PDF.jar

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
