General

  • Target

    c9cb8825b0c0759e0b932807425826ac5e4174b96b2c8f97ac7e43523a9df999.bin.sample.gz

  • Size

    180KB

  • Sample

    230912-r4fslade3s

  • MD5

    17ce209b57569dbfd9459b145f0ccd92

  • SHA1

    40e71cdd0ca0481c334eb1d89e23fc7c257255de

  • SHA256

    8d275b5f1ee484cb62aff843d4386e7dc630adcf9cc9b918ea84458767f3bbae

  • SHA512

    eb06f1e77e900f2cf917a36d4dbad7f6750eca055979c09c5280ff38b1ae4aead4e8db52ac39e40614f1c6b9e4436e9135f09f1613df44ffee6a647d3c583c90

  • SSDEEP

    3072:A260ltlhF662mSWMc2Ty5RO1Y/IqDBEX3acA11Vpq1z7FlImSapOQVdyfdmbIT:AEltlnzKu7O1BqDBEnaZ1XK7FlloGEFv

Targets

    • Target

      sample

    • Size

      181KB

    • MD5

      5d9bc82b48f4a110c9ef1fd40b4f3997

    • SHA1

      2f624dcb6374d941aaec2e63011db1d3567413bf

    • SHA256

      c9cb8825b0c0759e0b932807425826ac5e4174b96b2c8f97ac7e43523a9df999

    • SHA512

      c44757f5161b94b0ea79fcdf18bb6c6d5649a56ec63a55ad4fe4bf5ff5747e03aa5fe8814893f27e57dcc3e804f7beb63a209fb454d3de6937f68b13bc359fbb

    • SSDEEP

      3072:5260lLlhF6e2mSWMo2Ty5dO1YTIqtBEX3acA1XVpq1z7F9Im6apOQQGqfc/kIbB:5ElLlnpouDO17qtBEnaZXXK7F9JoXf1g

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • JAR file contains resources related to AdWind

      This JAR file potentially contains loader stubs used by the AdWind RAT.

    • Sets file to hidden

      Modifies file attributes so the file is not shown in Explorer and similar file listings.

    • Adds Run key to start application

    • Drops desktop.ini file(s)
