adwind | a3e5066d8dc238cb5350bb6b99159bce3bcf7eeb75634ade741aa86a161fbdbe | Triage

Sharing

General

Target

ads.jar
Size

639KB
Sample

241231-p6p3ya1mdv
MD5

d535cc57b2ed348acaf0da68366710de
SHA1

92b1bbb1d9361ff3e07d16bdb1cd01eabcc386a7
SHA256

a3e5066d8dc238cb5350bb6b99159bce3bcf7eeb75634ade741aa86a161fbdbe
SHA512

665c8cbbc3ec3e84e3fe4510769b01fd9aad92b9f17c073061e3dd2026b895354ce01c46618be0fabc938d6d583e4cff39011115155ceeed958f96530cf1d93e
SSDEEP

12288:8fzfQD/1RfG5B4Fb0fWTge/DRH+dxwN2z8gyhuRT634uc2Z8SYVDs1:8frQ77GT4JLTgetG02zBYp4uhZ/YVDs1

Score

10^/10

adwind discovery persistence

Malware Config

Targets

- Target
  
  ads.jar
- Size
  
  639KB
- MD5
  
  d535cc57b2ed348acaf0da68366710de
- SHA1
  
  92b1bbb1d9361ff3e07d16bdb1cd01eabcc386a7
- SHA256
  
  a3e5066d8dc238cb5350bb6b99159bce3bcf7eeb75634ade741aa86a161fbdbe
- SHA512
  
  665c8cbbc3ec3e84e3fe4510769b01fd9aad92b9f17c073061e3dd2026b895354ce01c46618be0fabc938d6d583e4cff39011115155ceeed958f96530cf1d93e
- SSDEEP
  
  12288:8fzfQD/1RfG5B4Fb0fWTge/DRH+dxwN2z8gyhuRT634uc2Z8SYVDs1:8frQ77GT4JLTgetG02zBYp4uhZ/YVDs1
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence