General

  • Target: TellerAdvice.jar
  • Size: 626KB
  • Sample: 220824-hzx2mshhel
  • MD5: 4529ccc406e6fc95f2dcdc5f6bae28a5
  • SHA1: aa84655568ea4727d742c13b10f8d159ee7926e6
  • SHA256: 2b497ad1ec1cc4c7ea45b070c2cb3f2f78b0f06e128225df43980abd05d9fb1e
  • SHA512: 77a6b73c52650846523e9cdcbf637fca33f00986cf13b68d1bf9a3ffa9c5eed9cabc72261a3f47bb3e27245ccc56c13be567254275a88c311a21bf6555b040f4
  • SSDEEP: 12288:UPNuogFSuOJlMO4r8ajpm3AI8u0BxuPTNHVWPK0U6qTaDYZXUr11CO004gaOezNk:UPQoXumMO4r8Am301BUPTN1WPK0UhTa1

Malware Config

Targets

    • AdWind: a Java-based RAT family operated as malware-as-a-service.
    • Checks computer location settings: looks up the country code configured in the registry, likely for geofencing.
    • Adds Run key to start application
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks