General

  • Target

    5b1c4d5e952f20028fa708e30d333b741ae2d40e1a3c88f78e5190b50f3a1e3e

  • Size

    538KB

  • Sample

    220802-bdawnacdf6

  • MD5

    359b8575b37090a853ceee9d03d47b15

  • SHA1

    0be8bb212e494246582515660911da3a1906833b

  • SHA256

    5b1c4d5e952f20028fa708e30d333b741ae2d40e1a3c88f78e5190b50f3a1e3e

  • SHA512

    90e51aacc3e63faf5a288fec16c543b4304c26ba769dd1a7f338cee33742144d454c8c73a745b7b59c3498af04731179a91a428c7fdf78c35759309f074dc491

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
