General

  • Target

    Payment Swift.jar

  • Size

    632KB

  • Sample

    221205-hsp3fsbc5s

  • MD5

    de6fd9ced22c55b224fd7fe67c13a07a

  • SHA1

    7c4d487ebfa9c588a6fb9b35f2e3f5adaee17c40

  • SHA256

    616ae7e333f4bcb020eeddbc8d45564bdf1c9e49394a629314c5bb4f9288b128

  • SHA512

    95a50875848c835f88f894b7b26d3e6ce4b23852679cb20eefa3d900b7f0cff2b6dcb40c01ee3b5b5c8314d403583df5669aa03e5b6424236d86adfca5faf7c3

  • SSDEEP

    12288:ANSOSoopHVI9pSpPLpoTpfX3F/xFr00IVjdBGdr2FaTlnp:ANSOQpHV/pPL4p/F/zpIVNaL

Score
10/10

Malware Config

Targets

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks