General

  • Target

    b818d2d4e3c879d076efd2f9a1c30bdb412c354245d95b31eeba607fce68a7fd

  • Size

    489KB

  • Sample

    220625-d96djscghk

  • MD5

    79f0ee0dfab6d107dcf4632f559ff3ae

  • SHA1

    6c7727e2a2e467234757b71d275794073e77ac31

  • SHA256

    b818d2d4e3c879d076efd2f9a1c30bdb412c354245d95b31eeba607fce68a7fd

  • SHA512

    b71ece005dec547218e5bba8d76352c079d85f920ebf81d365a55b874d3b111b9ef71273723974a9056c0f3c90f430628ffe79d65859c3c6774d2da6a85b7315

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
