adwind | 2dc7b40021d581855cbedeec0151dac0b66c6e9b8f12872e142bcc21b624100a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

pro.jar
Size

11.7MB
Sample

240805-q2stps1gmf
MD5

9eacf17cccbe693be956030ad1e30580
SHA1

28a718210477322a019013905849a1f5c7555533
SHA256

2dc7b40021d581855cbedeec0151dac0b66c6e9b8f12872e142bcc21b624100a
SHA512

fa9dbfe50ace27c27083bdce2c60e8f32790815bcd1a28325bcfc053f3e0cdf549610c54334142921aaee23adcd8fa0df21eaa569f42c2d7f1c70a62e515808f
SSDEEP

196608:TqL1k4d/cqlLGd4VFm2Zso+Wet3/TJE8xvVP3IYd5562nJv6xPoH5mpAgqHQe:+kqlKkmaDtIhl9Io5RnpKAH8gHQe

Score

10^/10

adwind persistence

Malware Config

Targets

- Target
  
  pro.jar
- Size
  
  11.7MB
- MD5
  
  9eacf17cccbe693be956030ad1e30580
- SHA1
  
  28a718210477322a019013905849a1f5c7555533
- SHA256
  
  2dc7b40021d581855cbedeec0151dac0b66c6e9b8f12872e142bcc21b624100a
- SHA512
  
  fa9dbfe50ace27c27083bdce2c60e8f32790815bcd1a28325bcfc053f3e0cdf549610c54334142921aaee23adcd8fa0df21eaa569f42c2d7f1c70a62e515808f
- SSDEEP
  
  196608:TqL1k4d/cqlLGd4VFm2Zso+Wet3/TJE8xvVP3IYd5562nJv6xPoH5mpAgqHQe:+kqlKkmaDtIhl9Io5RnpKAH8gHQe
Score

7^/10

persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1