General

  • Target

    2f6271b5a86bf61e6e7bab5e53aed511ab8baaeeecb94bd68c9289b01dbc0d7a

  • Size

    662KB

  • Sample

    220621-zp46msffh4

  • MD5

    c196b7edf0812c40739cdc1ccef60823

  • SHA1

    49cdf040adca225547aabc95ff1d39e7555d3960

  • SHA256

    2f6271b5a86bf61e6e7bab5e53aed511ab8baaeeecb94bd68c9289b01dbc0d7a

  • SHA512

    62493625994f6207e34760c23dad338083ba99ff3d1a16d4e719243af384787a7f14d712487e60599b1c84e4d4ecab4e978d588ec02cbbfdca5ae33b1dc37381

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
