General

  • Target

    4d8c1b5f85f19d16c14fabc1f8bd1bc223df31aae6c970cc784d454de193d5e8

  • Size

    288KB

  • Sample

    220712-c4w29afecn

  • MD5

    369b3f41f01706e1b8d438a67a4f78c9

  • SHA1

    d4c35bf6232502331d118760db0e045229cd8096

  • SHA256

    4d8c1b5f85f19d16c14fabc1f8bd1bc223df31aae6c970cc784d454de193d5e8

  • SHA512

    fbbc0ed8e136cc4db1cc5525e335a95d1b35b76b7c209cd81028f90e3327fe80801f33f750d9acc0dfe902569cee5aa056917b82a3cd797b4d6ecc9db8831355

Targets

    • Target

      4d8c1b5f85f19d16c14fabc1f8bd1bc223df31aae6c970cc784d454de193d5e8

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
