General

  • Target

    XBinderOutput.exe

  • Size

    629KB

  • Sample

    241020-1zr5hasflh

  • MD5

    de7dbf0995218de34d55ea9181238f6a

  • SHA1

    1be9fecd1399177e37827132d532b655f4a0410e

  • SHA256

    2df5c0ce570c728c5063372b10ba49562ae056e07a29df6c6e82189ea849f1a4

  • SHA512

    def27b1f577bef0dfc850cecfef007b7dd3316192635e9810efa55d986d35b49b206c22ed2bb076f15427bffc72642504a6162071f2aeb88e3a5d6236d38589a

  • SSDEEP

    12288:fpdOPOPxDYgKHQkZsZ7vXeB+YPbTf7VTMUMqYs2iOLeU:fpdf5Kw6E7vOnTTf7VTMUM1TNLP

Score
10/10

Targets

    • Target

      XBinderOutput.exe

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

    • Class file contains resources related to AdWind

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
