adwind | 09bca6155d72efc476cb91b549d852a676f6dc0902d7e44c94b9304d71dcd259 | Triage

Sharing

General

Target

Risecwacked.zip
Size

11.5MB
Sample

241026-wekgpsxajb
MD5

c6bce31d0397ed1c1619dcf4fac7e2b3
SHA1

8927bd01ffb40c93753f1bf14b6abaa957a86f15
SHA256

09bca6155d72efc476cb91b549d852a676f6dc0902d7e44c94b9304d71dcd259
SHA512

db5f9980797983c4545aed195b7085c3c745618b3e6f0a2f2d1d7174f16a68dd7cf58673a83c6fabdb10faf7171846ae113473eb47fdce8ebca8e2e9927ee64b
SSDEEP

196608:qXE4PpTIKMfX5aK4abd+rb9Cp9tBGgXezEwtg8syhLK8toNb9WUS2oRa7QHu:+EWTWvMK4bb89tPeYwC8syc8CiUxQHu

Score

10^/10

adwind persistence

Malware Config

Targets

- Target
  
  Rise 6.1.31/Rise.jar
- Size
  
  11.7MB
- MD5
  
  62e3fbd568560b6b3ceeeb7f15befcf3
- SHA1
  
  499c81be40a7a5a7cdde84d9989a20f19039e9f5
- SHA256
  
  905de877c30480cee378952ac08624c62740c6ba168187842e980639ab531d7c
- SHA512
  
  3ed369cf87b209ea690163093e53b863d417288391e7133459227c48acad54fce88344c6de0cef0321048a1e8c05cea9ebe8659074f2fe474a70989b5019829c
- SSDEEP
  
  196608:zwvzisgD2fRkviJg4S/+Cxjpk67A+Y5qxSbWihrQNhNpZJKkMoFn5ZXGIC0OlW:aZfRaGSm295f8lhuhzZ85wn54aOlW
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2
- Target
  
  Rise 6.1.31/start.cmd
- Size
  
  41B
- MD5
  
  d81f3f20ef2eda780a107a9b50cc718b
- SHA1
  
  6fe33901c94fe7005d27af5d4ce9de2bc9a3e908
- SHA256
  
  d9cff4ea291d91d405dfb8ec36e2ce7f85bd0c00d37efa1da29f8ca5c872d0c9
- SHA512
  
  1960a59230fb721045cdc232446c45f56ac60762be96e555db119184c1526b6af785d8a14a934f440bf12e385a94c8cb9d9b767271abf42444dd98ea8f8c98df
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4