General

  • Target

    4aa0230cc6b1e9c7d95ec94901e2db3fc75897adfc381777f603c8d1374ab55a

  • Size

    619KB

  • Sample

    220712-pvykyadca8

  • MD5

    72b3e76362621b9f13583dedb2c4c370

  • SHA1

    e6113bb5285ca88d30af70e5c53971100597c2c9

  • SHA256

    4aa0230cc6b1e9c7d95ec94901e2db3fc75897adfc381777f603c8d1374ab55a

  • SHA512

    f185bb1a4f2c10530a4e6fee075bc2d7f1e7cbe3422286e739e51d6c11d403368e980b2b45e73f3dafd19593c59d0e1bee331de84eb0c39f5dddc2ebcfd66ba4

Malware Config

Targets

    • Target

      4aa0230cc6b1e9c7d95ec94901e2db3fc75897adfc381777f603c8d1374ab55a

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6