General

  • Target

    39bc96e86d7a6502c310e06825180c299a70128bb8eaa94ef7e5a0025342782d

  • Size

    536KB

  • Sample

    220625-km3sgafga5

  • MD5

    bce55d9856da631b5c069b00005bb44a

  • SHA1

    51ee1bd68d8ec67ef245d0a60c403dd97fe9ae14

  • SHA256

    39bc96e86d7a6502c310e06825180c299a70128bb8eaa94ef7e5a0025342782d

  • SHA512

    b43b1aeade497a11958abb90f5f751ebd743b1fc8b440cb1f36311f03c322d5c2e12e45568ac55e42809b2ec245e1e48094a69679e884c3ecb5acb4be9914715

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
