General

  • Target

    40c4798ad09769f62037f0860408ce5dafa2e658cd1ed29d4bd6723f997fce73

  • Size

    540KB

  • Sample

    220708-rspw5adgdn

  • MD5

    2eef162b5e98bc3b38ff3d0b841bb202

  • SHA1

    2b762075757cf10dc342de4797c1d5f38606baa0

  • SHA256

    40c4798ad09769f62037f0860408ce5dafa2e658cd1ed29d4bd6723f997fce73

  • SHA512

    4998e4708752cbc1e190485abcdaee07c1b3fece826c1144c626747b24b5af5301a898add0b9b2b0782bc55d137163650fec74afe66abbde4930d97cf58ac2a7

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
