General

  • Target

    7dca4fdb51b60e0b384882d567655fa1abfafc13344e37e05b97a6a995762a90

  • Size

    62KB

  • Sample

    221128-xlk79ahb22

  • MD5

    7d38dd37819632963b9270868ab7ffb5

  • SHA1

    6ec29a979563f5ad1487ed12fe737ad31e0d18ba

  • SHA256

    7dca4fdb51b60e0b384882d567655fa1abfafc13344e37e05b97a6a995762a90

  • SHA512

    280cc2742c215b1acb6e32d20cd24d500137acf606765239b775fce55c900e0dc962ab839d5c86f347727ab26d4fa6da5fcfbd691ef2865390e964b8f722ec57

  • SSDEEP

    1536:hbLxw4XSvs8UrLNFte1jyY7+tHAGiYQAroIYHoyvsrJQ5ZF:Ntw4Cb6FIy7tgGVQA80rGZF

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • JAR file contains resources related to AdWind

      This JAR file potentially contains loader stubs used by the AdWind RAT.

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Adds Run key to start application

    • Drops desktop.ini file(s)
