General

  • Target

    ac75b0f48675b620783456eb8b956d3eae854a59556765b08aa7c56f9331c24f

  • Size

    484KB

  • Sample

    220725-afq5zsefa2

  • MD5

    4e471f03501c48ed9f4d12fef234828b

  • SHA1

    bad7774b5cd802c393d14e85c5653cc0a37ec910

  • SHA256

    ac75b0f48675b620783456eb8b956d3eae854a59556765b08aa7c56f9331c24f

  • SHA512

    576360c46caccd15190b440fac2142acfdcb841d4b6ea75537a2b02631c70f4fa29a0fa689bbba46261d1df5404d23855aea3f1887f71260bd0ba7ccf0d6fe38

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
