General

  • Target

    15c39d929f69e2af414cd1d114f58d77b33e0d1d7cd92778f05023f42ed4b6b2

  • Size

    62KB

  • Sample

    221128-xllh1shb24

  • MD5

    2b2eb32276243a8ac5024aa09c22bded

  • SHA1

    a75299c65b9a78473e9d4c7473d20509543aa234

  • SHA256

    15c39d929f69e2af414cd1d114f58d77b33e0d1d7cd92778f05023f42ed4b6b2

  • SHA512

    3583dbd2ed50d26794ecdf52d6a977e42a15d38c9188b64f8eb3d94ec8f3f105e83f0c2a1c62097d5c1b5f737183bf35ec708ba72a25a7e7bc9dee654909d657

  • SSDEEP

    1536:7CinRrPTdCEuco7q69YQiKmV1a5u0JlHo7zG:7jCHco7SQDma5tlMzG

Targets

    • Target

      15c39d929f69e2af414cd1d114f58d77b33e0d1d7cd92778f05023f42ed4b6b2

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • JAR file contains resources related to AdWind

      This JAR file potentially contains loader stubs used by the AdWind RAT.

    • Sets file to hidden

      Modifies file attributes so the file is not shown in Explorer and similar file listings.

    • Adds Run key to start application

    • Drops desktop.ini file(s)
