General

  • Target

    4a63503bc4989f18e815df8c632445f9362dbdff70f59535f2987b56deea50f4

  • Size

    545KB

  • Sample

    220712-qpnn8acbcr

  • MD5

    e759230bb3eeceb20bba4ae66538ac5d

  • SHA1

    83eedf296da8ae03ae95dfce4696bae40e9040aa

  • SHA256

    4a63503bc4989f18e815df8c632445f9362dbdff70f59535f2987b56deea50f4

  • SHA512

    d2c476717fc5d183a8de98b468478d1f02b5a586ddbd888af8a781ecd2443e3de91a1468c43e368c40b7a1854f3b79e0aeb0d8650f490a0cede7ae03cd17eb0c

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
