adwind | 4db5a0ee8a4a73d103bf617e2650432e521d5c9d7fc73178a226f8c470366340 | Triage

Sharing

General

Target

pene.jar
Size

639KB
Sample

250107-cneg9s1nek
MD5

9fc057b64fdcaeae92b6804c373ad4cb
SHA1

5b0812fdfc7360676be4e48f702dc1892cdcda0d
SHA256

4db5a0ee8a4a73d103bf617e2650432e521d5c9d7fc73178a226f8c470366340
SHA512

ec43ae6d1f40f759de95c4daa46e1c2cd2692ec3f3b8608e120878d185b50dfae4df4fc1f0de6c1f2368cf966968268858b07fc58838fb61db4c54cf3dc8782e
SSDEEP

12288:33t8Qm/GcGpYT4v4MIXjgc/RR7+dyGN+Z2g+lWRVM3gug2h0SCJDQa:33eQqKpc4wDjgczqj+Z/gFguthHCJDQa

Score

10^/10

adwind

Malware Config

Targets

- Target
  
  pene.jar
- Size
  
  639KB
- MD5
  
  9fc057b64fdcaeae92b6804c373ad4cb
- SHA1
  
  5b0812fdfc7360676be4e48f702dc1892cdcda0d
- SHA256
  
  4db5a0ee8a4a73d103bf617e2650432e521d5c9d7fc73178a226f8c470366340
- SHA512
  
  ec43ae6d1f40f759de95c4daa46e1c2cd2692ec3f3b8608e120878d185b50dfae4df4fc1f0de6c1f2368cf966968268858b07fc58838fb61db4c54cf3dc8782e
- SSDEEP
  
  12288:33t8Qm/GcGpYT4v4MIXjgc/RR7+dyGN+Z2g+lWRVM3gug2h0SCJDQa:33eQqKpc4wDjgczqj+Z/gFguthHCJDQa
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1