adwind | 126c39a0e50f1f283411440e42530269c46d40962035fc8f4f95bdc98797fb96 | Triage

Sharing

General

Target

CLOde CLientV2.jar
Size

639KB
Sample

241020-kxj34s1hmq
MD5

814b970503e1e23e4824da69741ea2f3
SHA1

2c09ad57e3882126476d9c5e6f348c5794c94677
SHA256

126c39a0e50f1f283411440e42530269c46d40962035fc8f4f95bdc98797fb96
SHA512

38a0df58b92716462a1bd3dcfc86b8113bf43c41a6f1453a2638745f38d4efa708961935cfcc378dfc8a6d5466c83cadab0284f5332a3d08ad51a2772b424690
SSDEEP

12288:WzbJQR/DblEjJ4Zh4d8zgq//Rz+BbENefCgalSRVs3Muo2dQSCdDME:WzVQB9Et4nLzgqh+yefDMBMuFdrCdDME

Score

10^/10

adwind persistence

Malware Config

Targets

- Target
  
  CLOde CLientV2.jar
- Size
  
  639KB
- MD5
  
  814b970503e1e23e4824da69741ea2f3
- SHA1
  
  2c09ad57e3882126476d9c5e6f348c5794c94677
- SHA256
  
  126c39a0e50f1f283411440e42530269c46d40962035fc8f4f95bdc98797fb96
- SHA512
  
  38a0df58b92716462a1bd3dcfc86b8113bf43c41a6f1453a2638745f38d4efa708961935cfcc378dfc8a6d5466c83cadab0284f5332a3d08ad51a2772b424690
- SSDEEP
  
  12288:WzbJQR/DblEjJ4Zh4d8zgq//Rz+BbENefCgalSRVs3Muo2dQSCdDME:WzVQB9Et4nLzgqh+yefDMBMuFdrCdDME
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1