General

  • Target

    3adb3e35c3a5a97519ba2374eaf01c1acf9259af46ba2532630842c1bfb3cb37

  • Size

    531KB

  • Sample

    220703-w836xaccaj

  • MD5

    b804a8a051c88a0de870d9ce6364b082

  • SHA1

    1723645eabbc4867ab177ce12cba4ac37e403421

  • SHA256

    3adb3e35c3a5a97519ba2374eaf01c1acf9259af46ba2532630842c1bfb3cb37

  • SHA512

    0bcbc6b45784455d0c8d2bbe96170e32e84331559c4b5bba23af89d99670b2891eb6286fbb8b4f96cc123f3d394cc1d184a388f9de3a4af3382a90b80e3fbcf3

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
