General

  • Target

    4c5c1f4eb2b70d661bed022a9d01e712c69f9c78eca511fd492fee16f1344019

  • Size

    534KB

  • Sample

    220712-g8pk7aeghp

  • MD5

    0e4949aa31ba97d5c6fc4d9d8c820fce

  • SHA1

    85ca213e1ff57ec7efa13ef64ca49064dcb11073

  • SHA256

    4c5c1f4eb2b70d661bed022a9d01e712c69f9c78eca511fd492fee16f1344019

  • SHA512

    db3a62e6c1e00cdbfb8bc4e3210b3a9bc5fd80537e2bb37b19581864404c3a8735f8c3c6c9139fa51d104b9bf8fe153ca7b2c7b08b6e7fe59b810a85c9c9a54f

Malware Config

Targets

    • Target

      4c5c1f4eb2b70d661bed022a9d01e712c69f9c78eca511fd492fee16f1344019

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks