General

  • Target

    4c3f77ea2d093c372ab392eea4ee6d522724f169b33a398b237475aa1baafa8c

  • Size

    548KB

  • Sample

    220712-h3711sade2

  • MD5

    191b6f647fec83e75446512bdeb07bc6

  • SHA1

    53427d2ffcec89c318ef1fa2f7dc5aa63dfd8d7d

  • SHA256

    4c3f77ea2d093c372ab392eea4ee6d522724f169b33a398b237475aa1baafa8c

  • SHA512

    0fe3c0445a085b4067a6ee4931b8a564c8b7f6e89d4118de8d671ced27763a568ed82e13df119bf62402656d5b7d8127f5422e292665682ecf17e34ab3227d60

Targets

    • Target

      4c3f77ea2d093c372ab392eea4ee6d522724f169b33a398b237475aa1baafa8c

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
