General

  • Target

    55626ee2c256ba9f36791186dde8e738951c961d1a5cbdb587e4f560d4f3237e

  • Size

    948KB

  • Sample

    220725-tntqmahgcr

  • MD5

    d71e48b61501dbc729946c1e2082b655

  • SHA1

    4c0055e1967f57a59593742f3a4e9031231ffa52

  • SHA256

    55626ee2c256ba9f36791186dde8e738951c961d1a5cbdb587e4f560d4f3237e

  • SHA512

    edafb8880c2f76e92c11627f3806488e74086a92bd5f6cd45890fd5cdba938ee1d09a82ccc8eb69acf80085f0985b6da08fa83a77b2aa9c4bb058b1bc8de6ca9

Targets

    • Target

      55626ee2c256ba9f36791186dde8e738951c961d1a5cbdb587e4f560d4f3237e

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
