General

  • Target

    7a02319dbd8e5fc7c9bc6c6377d44856229c5fbaa206b78493803a4e5a2c531d

  • Size

    62KB

  • Sample

    221029-bv9fjsfbe7

  • MD5

    d9b6c899f8112a40131865f73e1ea9c9

  • SHA1

    194e24c21f616aba91b10c9b108c22a6bdf5c497

  • SHA256

    7a02319dbd8e5fc7c9bc6c6377d44856229c5fbaa206b78493803a4e5a2c531d

  • SHA512

    08548b4e90ecbb334388991faa34adea79110ce21db1054a99d284d8e476c456db8f38f27dcaf394829e43978082081ea459654b508611a86a84b5ab53afa111

  • SSDEEP

    1536:tFaDYQKV+r8TWnf0yL84UFE0YcmF15RFA3ep/NN/wz8:tXQKVu8TWfWL1YFPbAkNlwA

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • JAR file contains resources related to AdWind

      This JAR file potentially contains loader stubs used by the AdWind RAT.

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Adds Run key to start application

    • Drops desktop.ini file(s)
