Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

10

Resubmissions

07/11/2024, 22:14

241107-15syzsymg1 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1226280722579456000/1226280866872033340/SorillusRAT.rar?ex=672e810d&is=672d2f8d&hm=99cf9f0863a61ebbfea5c2708b3b0ab730b051f54a2969a83d474759c0d7c6fe&

  • Sample

    241107-15syzsymg1

Score
10/10
adwinddiscoverytrojan

Malware Config

Targets

    • Target

      https://cdn.discordapp.com/attachments/1226280722579456000/1226280866872033340/SorillusRAT.rar?ex=672e810d&is=672d2f8d&hm=99cf9f0863a61ebbfea5c2708b3b0ab730b051f54a2969a83d474759c0d7c6fe&

    Score
    10/10
    adwinddiscoverytrojan

    • AdWind

      A Java-based RAT family operated as malware-as-a-service.

      trojanadwind

    • Adwind family

      adwind

    • Class file contains resources related to AdWind

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks