adwind | 71e6e2fe78006f93ad62ed82871ba58542741ea0ec0d180388fc421f8f93e89d | Triage

Submit
Reports

Overview

overview

Static

static

Sol.jar

macos-10.15-amd64

6

Sharing

General

Target

Sol.jar
Size

639KB
Sample

240403-xl6h7ahf6w
MD5

b269fb038ef048af12b95ffd0bcbffa3
SHA1

3f8478250cf5a773228d39bbf73e5c3230e8c1fa
SHA256

71e6e2fe78006f93ad62ed82871ba58542741ea0ec0d180388fc421f8f93e89d
SHA512

8b27a935ed0c50a2bd7bb91545d39d66cb19e43b5b211bb15d6df8afa8b27d02dffd7a43d09b234a2f473191fee40a0a7c8073e38e90156d5f07ae81546c72b4
SSDEEP

12288:nXtsQm/Gsm5YD4f4s4njgs/RRr+9S2N+ZTggNKRcd3mus2xESprDYHJ:nXOQq65c4wzjgsTKD+Z02PmuRxXprDYp

Score

10^/10

adwind evasion execution macos

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Sol.jar

Resource

macos-20240214-en

evasion execution

macos-10.15-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  Sol.jar
- Size
  
  639KB
- MD5
  
  b269fb038ef048af12b95ffd0bcbffa3
- SHA1
  
  3f8478250cf5a773228d39bbf73e5c3230e8c1fa
- SHA256
  
  71e6e2fe78006f93ad62ed82871ba58542741ea0ec0d180388fc421f8f93e89d
- SHA512
  
  8b27a935ed0c50a2bd7bb91545d39d66cb19e43b5b211bb15d6df8afa8b27d02dffd7a43d09b234a2f473191fee40a0a7c8073e38e90156d5f07ae81546c72b4
- SSDEEP
  
  12288:nXtsQm/Gsm5YD4f4s4njgs/RRr+9S2N+ZTggNKRcd3mus2xESprDYHJ:nXOQq65c4wzjgsTKD+Z02PmuRxXprDYp
Score

6^/10

evasion execution
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionexecution

© 2018-2024

Terms | Privacy