General

Target: 5b44e9b540425a8d1a7889bb1749300e0ed46b7ecdd7aff46ddf0d5c4768a126
Size: 570KB
Sample: 250102-stps7ayrdl
MD5: 738115b0931b9515c0fd8211a1ee2308
SHA1: 9df1b42b462f1383f74e2ffe31d45be9784e12bb
SHA256: 5b44e9b540425a8d1a7889bb1749300e0ed46b7ecdd7aff46ddf0d5c4768a126
SHA512: fc3d34f5a957d5441dbfeefe6c1a2238ab2da827f24169189be13e7bf3abcec5edacaf4c4f1b1932dd55838d6b801c2d1a26b366450649f0e43d37ff127d9c12
SSDEEP: 12288:qutFGKBegnvmkqo/Rd6MS3u3Hd/hfg8EObi1QuMT:qWF346exo/RaKHPIZhs
Behavioral tasks

behavioral1
Sample: 5b44e9b540425a8d1a7889bb1749300e0ed46b7ecdd7aff46ddf0d5c4768a126.jar
Resource: win7-20240729-en

behavioral2
Sample: 5b44e9b540425a8d1a7889bb1749300e0ed46b7ecdd7aff46ddf0d5c4768a126.jar
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 5b44e9b540425a8d1a7889bb1749300e0ed46b7ecdd7aff46ddf0d5c4768a126
Score: 10/10

Signatures
- Adwind family
- JAR file contains resources related to AdWind
- Event Triggered Execution: Image File Execution Options Injection
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
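The two persistence signatures above, a Run key autostart and an Image File Execution Options (IFEO) Debugger value, are the checks an analyst would want to repeat on a suspect host. AdWind is a Java-based RAT, so a Run key that launches javaw.exe with -jar from a user-writable directory is the shape of autostart to look for, and any IFEO Debugger that is not a known debugger is worth a look regardless of family. The script below is an added example, not part of this report and not the sandbox's own detection logic: it parses a Regedit 5.00 export (.reg) and flags Run/RunOnce values that invoke java -jar or point into user-writable paths, plus IFEO subkeys carrying a non-allowlisted Debugger. The embedded .reg text is constructed for illustration; the key names, file paths, the Oracle\bin\update.jar name and the taskmgr.exe redirect are hypothetical and are not indicators taken from this sample, whose exact keys and paths the report does not list. The debugger allowlist is likewise an assumption to tune per environment.

```python
"""Flag Run-key and IFEO Debugger persistence in a Windows .reg export.

Added example for offline review of a registry export. The embedded .reg
text is constructed and its entries are hypothetical, not IOCs from the
analysed sample.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample export (hypothetical entries, not taken from the report).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="C:\\Windows\\System32\\SecurityHealthSystray.exe"
"Updater"="\"C:\\Program Files\\Java\\jre8\\bin\\javaw.exe\" -jar \"C:\\Users\\user\\AppData\\Roaming\\Oracle\\bin\\update.jar\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\Windows\\System32\\svchost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe]
"DisableHeapLookaside"=dword:00000001
"""

RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)$", re.IGNORECASE)
IFEO_RE = re.compile(r"\\Image File Execution Options\\([^\\]+)$", re.IGNORECASE)
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|Users\\Public|ProgramData)\\", re.IGNORECASE)
JAVA_JAR_RE = re.compile(r"\bjavaw?\.exe\b.*\s-jar\s", re.IGNORECASE)
# Debuggers legitimately registered under IFEO; assumption, tune per environment.
IFEO_DEBUGGER_ALLOWLIST = {"vsjitdebugger.exe"}

# "name"=data  or  @=data  (default value)
VALUE_LINE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))=(.*)$')


def parse_reg(text: str) -> Dict[str, Dict[str, str]]:
    """Parse a Regedit 5.00 export into {key_path: {value_name: data}}.

    Quoted string data has Regedit escaping removed; dword/hex data is kept
    verbatim. Multi-line hex continuations are not needed for this check.
    """
    keys: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = VALUE_LINE_RE.match(line)
        if m is None or current is None:
            continue
        name = "(Default)" if m.group(2) else m.group(1)
        data = m.group(3)
        if len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            data = re.sub(r"\\(.)", r"\1", data[1:-1])  # \\ -> \ and \" -> "
        keys[current][name] = data
    return keys


Finding = Tuple[str, str, str, str]  # (kind, registry location, data, reason)


def find_persistence(keys: Dict[str, Dict[str, str]]) -> List[Finding]:
    """Return suspicious Run/RunOnce values and non-allowlisted IFEO Debuggers."""
    findings: List[Finding] = []
    for key, values in keys.items():
        if RUN_KEY_RE.search(key):
            for name, cmd in values.items():
                reasons = []
                if JAVA_JAR_RE.search(cmd):
                    reasons.append("java -jar autostart")
                if USER_WRITABLE_RE.search(cmd):
                    reasons.append("binary in user-writable path")
                if reasons:
                    findings.append(("run_key", f"{key}\\{name}", cmd, "; ".join(reasons)))
        m = IFEO_RE.search(key)
        if m:
            debugger = next((v for n, v in values.items() if n.lower() == "debugger"), None)
            if debugger is not None:
                # Image name of the debugger binary, ignoring quoting and arguments.
                exe = debugger.strip('"').split("\\")[-1].split()[0].lower()
                if exe not in IFEO_DEBUGGER_ALLOWLIST:
                    findings.append(("ifeo_debugger", f"{key}\\Debugger", debugger,
                                     f"{m.group(1)} is redirected to {exe}"))
    return findings


if __name__ == "__main__":
    for kind, where, data, why in find_persistence(parse_reg(SAMPLE_REG)):
        print(f"[{kind}] {where}\n    data:   {data}\n    reason: {why}")
```

On a live host the input would come from `reg export` of the HKCU/HKLM Run keys and of the Image File Execution Options key (or from an offline NTUSER.DAT/SOFTWARE hive converted to .reg); PowerShell is the natural tool there, but the parser above keeps the check runnable anywhere the export can be copied. A legitimate IFEO Debugger is rare outside developer machines, so the allowlist should stay short.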
MITRE ATT&CK Enterprise v15 (number in parentheses is the hit count)

Persistence
- Boot or Logon Autostart Execution, T1547 (1)
  - Registry Run Keys / Startup Folder, T1547.001 (1)
- Event Triggered Execution, T1546 (1)
  - Image File Execution Options Injection, T1546.012 (1)

Privilege Escalation
- Boot or Logon Autostart Execution, T1547 (1)
  - Registry Run Keys / Startup Folder, T1547.001 (1)
- Event Triggered Execution, T1546 (1)
  - Image File Execution Options Injection, T1546.012 (1)