General

  • Target

    d4f04bdfce53d0471cbdf46850c59bbca55f60980d056deada33f24417d69691

  • Size

    476KB

  • Sample

    220708-k15tzsaegk

  • MD5

    519169c6d701e3f1cd5874347e5e814b

  • SHA1

    55414a8aefca81bd0390ad2b6f56ba5a8bb4eecc

  • SHA256

    d4f04bdfce53d0471cbdf46850c59bbca55f60980d056deada33f24417d69691

  • SHA512

    541fe415edf459407ae7eca636521cc7cc853dac1cc9eecabc1b401d66514596228957b6e4644bce836018dc88e3f9fdf27bbbbd9cbc78f3cbbec5b49b896db9

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
