General

  • Target

    5ab2a9d3083c396d96d36fff49624a5358fa3dd9bb41015259d689a83e5b2b14

  • Size

    534KB

  • Sample

    220802-c4b23sfda7

  • MD5

    2767f8c7b4a814299177bb6e108aa64a

  • SHA1

    be6f7ab8df27fd6b4ecb1ca5f420ba390761aa4b

  • SHA256

    5ab2a9d3083c396d96d36fff49624a5358fa3dd9bb41015259d689a83e5b2b14

  • SHA512

    4694c2dc0b2377e394c2b8b17c9d993de13a8984eff197bd5569384dadc2c55708a27e5fca4212d27a8d1f1d85e9d267a5ba4c0e8531d915f7cd168db5c253cb

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
