General

  • Target

    5fd261ea6df276c94146cfa0db8161ea71fa3c2870585fd6f22bd63cef6faeb6

  • Size

    511KB

  • Sample

    220731-ktj9psghf3

  • MD5

    442ab35178b9c70cae0621146ca49657

  • SHA1

    359e377bc2b65f8c52057f3b7bac8163020eb8b8

  • SHA256

    5fd261ea6df276c94146cfa0db8161ea71fa3c2870585fd6f22bd63cef6faeb6

  • SHA512

    7d32222560b3f352ea94d23b294319cae143ed06a37e700b408cc043bf94494bcebe5685a8f84ded56509d4964160eeb650313a6b032dbdba39fb92b84bca73c

Malware Config

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks