General

  • Target

    61620be30df4e30482b265934e4acc40f2e7736f4a013cba93d70a9f44bded13

  • Size

    841KB

  • Sample

    220730-z7bl2shfcm

  • MD5

    fd688f44934d9ec007f0e6e2439e7ab5

  • SHA1

    29c8b68f0548b9bcebebf7db9829bc59f0fda1ca

  • SHA256

    61620be30df4e30482b265934e4acc40f2e7736f4a013cba93d70a9f44bded13

  • SHA512

    37ca24d687679d95ef2ea741d3b44537ebb1c2a61e8be4a20d70366607c46bc1ce7a7742cdc48c52c593110b431dba71ba687e9874544c9ece129df3dd5614ba

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
