General

  • Target

    a1056660e9fe4be99a07305fa2d90eb28de5fef4817c099f68096285a35e3c2c

  • Size

    682KB

  • Sample

    220725-afsc2sefa3

  • MD5

    ef2b526b61a2708515419408c91bb08b

  • SHA1

    a0a733d60328ed90130cee52c8297eb0635c9d3e

  • SHA256

    a1056660e9fe4be99a07305fa2d90eb28de5fef4817c099f68096285a35e3c2c

  • SHA512

    62d950725b1fc77b70fd4a4716a5a20684c3e1023134439195b7daf158e367f04187faf7c427fb0ff25522d0ce03dc716d126068e562bbbc9a6eac91f9aec843

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
