General

  • Target

    41e48ab3137f53a4ac6520838950684ab0478cd4e1db2f18a8625830f488c6ee

  • Size

    672KB

  • Sample

    220708-ev5ddabbd4

  • MD5

    cf37420ad6484047bebc6fe739f44b24

  • SHA1

    090326c8f3d9a3130da3fb3d1d5a7d0df9013ee1

  • SHA256

    41e48ab3137f53a4ac6520838950684ab0478cd4e1db2f18a8625830f488c6ee

  • SHA512

    f485062b12c98029a4fcd8fa65812e58a1f9c46f14e41e0aec5d1bca4f09e1f8d69ad02ba3bdc07aa16355f4458951555eb405561b4b06d9b5ddf703e7e7deef

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
