General

  • Target

    aab086c5909adf637816f84cf22996d5d2b121715de6d98221cbf88f9fdc1d61

  • Size

    625KB

  • Sample

    221108-a1wk7shbb8

  • MD5

    94a4010b188aa386e173cbe88e9d614d

  • SHA1

    281a8609707859dc868eb8a9eccc949343ceda25

  • SHA256

    aab086c5909adf637816f84cf22996d5d2b121715de6d98221cbf88f9fdc1d61

  • SHA512

    c10b071b62323d63a4360617fd325e3a1556c10dd9556c15d2dfcafc9d4573d50473d03744ed8debd2bbed1b3f3fb37997d1e4a6b16f553fa0aabcbfb4e35682

  • SSDEEP

    12288:e9YXMvhAjlMr9KKijpl0YyURa6m6y1YfNXTaBhfbBc7:KdvhkMrQ1l0v6/y1O2BY7

Malware Config

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks