General

  • Target

    002b00d2cceee6621a0826357077e824876bee4a3d7eb033ed00d68cd0e82235

  • Size

    1.6MB

  • Sample

    220620-wwz9gshdfm

  • MD5

    47b1731653008b455c3bbe2229622527

  • SHA1

    79a2cb46b49862bfd8ae92f05efb189717f00f46

  • SHA256

    002b00d2cceee6621a0826357077e824876bee4a3d7eb033ed00d68cd0e82235

  • SHA512

    c52dbf5344c4166046709724b9c4931f1653022172ec1b04c0b937612438c86dddd2aeabe24b643a70aaaba745849bf1748fa69279c75bae7534dc2fcbc90750

Targets

    • Target

      002b00d2cceee6621a0826357077e824876bee4a3d7eb033ed00d68cd0e82235

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
