General

  • Target

    7036a7d749c2d0e35a8e235367f03bd738b05526d525e744077078ccc4f321f8

  • Size

    62KB

  • Sample

    221128-y9vl9sdh62

  • MD5

    47c421e8437bc129af2cb5eeeadcdcab

  • SHA1

    eecf3a31f8450b004c7f4170d8c59f1f0467c8bc

  • SHA256

    7036a7d749c2d0e35a8e235367f03bd738b05526d525e744077078ccc4f321f8

  • SHA512

    fc89bdf66c00e0dc52ea3a10679e6333d2255e1fbd8f090a7b6f872f66c3aa50ea8d35d89509c6a4ceaee0b15a96ffb577fef65a9594304737da0dd3cf528358

  • SSDEEP

    1536:2gtd6G5VsvBOVZTLh9OgyxKc4GPx49p+LfHSO9Ek9raG1w:5L6G3svBQZT8xKc4+Lfy4T991w

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • JAR file contains resources related to AdWind

      This JAR file potentially contains loader stubs used by the AdWind RAT.

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Adds Run key to start application

    • Drops desktop.ini file(s)
