adwind | 30c07969150109f3907de1171e3dc55303f660a3e430c072aae07058dca42ffc | Triage

Sharing

General

Target

sqldeveloper.7z
Size

414.3MB
Sample

250305-d45vtsxpx6
MD5

d35e5d59c7099ae5ba62a667ce700648
SHA1

74cab008ac0bc25b6ce04cb56cc151fd91495c40
SHA256

30c07969150109f3907de1171e3dc55303f660a3e430c072aae07058dca42ffc
SHA512

71f853ff6014e34dfd79eb8c129f078671a13d9854c6e947ce8ed604bb9d4e31971f870e20d4ac190227d8c6715b384ff7c389d1d1d26abf2fc5a8497ca5ad3a
SSDEEP

6291456:Rp6fuDJFLv4KQbuWM/YlU3GhMe/bEAKWhoeQdpP+W+UEFvhr9SI0GJhzEEhdI:RpguDJcpEYeeDEAFieQdB+W38rnzjhO

Score

10^/10

adwind discovery link linux pdf

Malware Config

Targets

- Target
  
  sqldeveloper/sqldeveloper/bin/sdcli
- Size
  
  675B
- MD5
  
  189681346250dbc93a25eb0d50b82bd4
- SHA1
  
  afa4e31516ba458b8f2074478655308c41d038fe
- SHA256
  
  2090a149f83a6fe3a99c1aa55d4d27a6f8e51b4d870547205b8917e8f1d22e5f
- SHA512
  
  808ea71a5ffa9ee42a571bf10b09b4d9f34eed1e46e2b2c49394920c035bff4276a1be55be5a210a7b32ff3734392cb35d6e09e612fcb877f94ed08426bd7089
Score

3^/10

discovery
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  sqldeveloper/sqldeveloper/bin/sdcli.exe
- Size
  
  91KB
- MD5
  
  e852995397a5fe958ce791d3c08c607c
- SHA1
  
  aae5bd0835c7a1f91962318f4c6d0bf80fa3dd7b
- SHA256
  
  d798bfd4c0e33c76c26aedbd0af2f03f8a1300383cfb5008b0a9fde9623603da
- SHA512
  
  c6e641669eac1c3a4eb638be88dd2b0891ea85aee8040495288aacd9cae2c494f7c389656cabae08b2bef5e0f27289763efb6f1b76e89f7bf681aeabc4b455c7
- SSDEEP
  
  1536:BKfI/s6MMj7dG0AjmDCs7JeYrR3tug5SstjQ718XPxq:gf565XdxaUegXusBQ2X
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  sqldeveloper/sqldeveloper/bin/sdcli64.exe
- Size
  
  92KB
- MD5
  
  ce19a42c001507eba2171a9138783b90
- SHA1
  
  7c5b1750290f43e0211b8daf58d8c0c2fc02d95c
- SHA256
  
  7adc62353b43717863093f6fdc9d4029254d5c35f72cbaab905a93c33b2b640b
- SHA512
  
  74037b001ac3207a6ae40ab82fec9e2312e78c4e03532e94844de47ed307660726bdff17c8bdb3be30705b2fce39f37ea6346e74e6f1fa8a45c291e993730530
- SSDEEP
  
  1536:IAKfI/s6MMj7dG0AjmDCs7JeYrR3tug5Sstjq7Qjxn:4f565XdxaUegXusBqI
Score

1^/10
behavioral7 behavioral8
- Target
  
  sqldeveloper/sqldeveloper/bin/sql
- Size
  
  21KB
- MD5
  
  db384dbeba8a2bf306398497fac50396
- SHA1
  
  c3038f1e7c7ce02bde27f3defe4eb497bda76a82
- SHA256
  
  fca90718bc1bdcc57af3db622e093af40084c7874f8aedfd7605f2938fb4c4a4
- SHA512
  
  6f4bb5c2cc16dfc4e85c6ecda99827a6a25dce4d578ac0618cd45ee1b17ff80e8a71158b43ac4ec24a86366d531726f30c70df5d6a1f89d16725fe5aed696fe5
- SSDEEP
  
  384:kynByvyxE9LWuzRzX7RGBVCfoBz+EXcJtIv3VSY/1MTsdgL33rOEo7Ek9x0iIxw9:ZhExVzRzX7RGBVCfoBz+EswSSMTsdgLC
Score

3^/10

discovery
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  sqldeveloper/sqldeveloper/bin/sql.exe
- Size
  
  172KB
- MD5
  
  9e3e4531e81958f040901a3feafe3f34
- SHA1
  
  14eeb43842f9b0f4de4a2d7ca05c8aac7e3b1f4c
- SHA256
  
  1653d30df194b7ae6a7dc631fd014f526411ba31e5b09998e69332245280c1a3
- SHA512
  
  d6429e8a8266742aa8949bf54bf5a82d3fbfa674f9a1808d9f6599668e24123cb05c6bbd74f67574d319fb49f28336ece0790f2542c94403a6172a1e39ca6003
- SSDEEP
  
  1536:skjQoIuD1QN7KqHnq+3LWoeQIvbDfcK8v8xLm3oXXX/81s94XqfJd2zt08yfY37Q:skEIZQRrqmbgGAuZs942Jd2Z07Y3M
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  sqldeveloper/sqldeveloper/bin/sqldeveloper
- Size
  
  3KB
- MD5
  
  9fc3ab5f5fb026d6c6bd6761aed51156
- SHA1
  
  e0dd08e6e8c5b325f1cba548727d1a87f6a2734c
- SHA256
  
  f36f73c4caa658eac7560cb2e421c9888080cf48358e49dee7d3bb69d0098365
- SHA512
  
  afe69fe66688b0d3f82cb7c5da530655fe8aa0d8ceb31c3a1c23233d170971ca398599cfafddec6eba1564b5eec6257d0f775358094e25b40e4488bcfdfa8520
Score

3^/10

discovery
behavioral15 behavioral16 behavioral17 behavioral18
- Target
  
  sqldeveloper/sqldeveloper/bin/sqldeveloper.exe
- Size
  
  91KB
- MD5
  
  8fdd5dacd6ef65c181ca054e27175fb8
- SHA1
  
  38250b6dff23668e936b32f39cc8501421408270
- SHA256
  
  f7d0cdd200ea8779c0d62e778fdc21bb8010820f77deb776bb6595ede77271a0
- SHA512
  
  7bf3ea8291dcfd576833e54982f01e666c728539bd22c952807ad42d4382382b9d91819746b90ebbf3f275c6d75352bcca2f7cd11f0c2d48a10e94d3673db3d0
- SSDEEP
  
  1536:5KfI/s6MMj7dG0AjmDCs7JeYrR3tug5Sstjt7HxM:Yf565XdxaUegXusBtS
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  sqldeveloper/sqldeveloper/bin/sqldeveloper64.exe
- Size
  
  92KB
- MD5
  
  400a6871e8a8e28e8b513468661fd499
- SHA1
  
  653d9c126d94eaa9052f91c11cba791b06ade9a2
- SHA256
  
  5a7248866aa425687800979d826ef789ba747ff152faf6dda2ab750705e3f180
- SHA512
  
  4f5e47c2296183b02983e97a3e5be3d1dc4caccc64a956cff2ed8bbc73ea6d843c689c752d713be2c3c9e45722211d39c2b12f63c647e7f051d8974df195a6fa
- SSDEEP
  
  1536:JmKfI/s6MMj7dG0AjmDCs7JeYrR3tug5Sstj27Xx29:Xf565XdxaUegXusB2E9
Score

1^/10
behavioral21 behavioral22
- Target
  
  sqldeveloper/sqldeveloper/bin/sqldeveloper64W.exe
- Size
  
  92KB
- MD5
  
  6fe3fcbdc511b59692820113b4ed9d0d
- SHA1
  
  a5aed8120b894288b152dc8f8e7ae12fb2c509f8
- SHA256
  
  8ce5fe64017afb0e0316c88a27ac98aba3fb8dc4ef190914a3c98cae1604f76c
- SHA512
  
  bf98b9bcd14f7ac215dc2f3f1b6458626c5efb7c8619e8fffa437ffbeec17970a5b6ac99cf23ad075af32991fcf5aae27163e94e3e5bb47413304b876ffe8839
- SSDEEP
  
  1536:GmKfI/s6MMj7dG0AjmDCs7JeYrR3tug5SstjP7OxDS:If565XdxaUegXusBPj
Score

1^/10
behavioral23 behavioral24
- Target
  
  sqldeveloper/sqldeveloper/bin/sqldeveloperW.exe
- Size
  
  91KB
- MD5
  
  a9e1395b66cd30e1ded3e81c78df7449
- SHA1
  
  6877e74ccdbb6786dcf33ae250d8b5332fcb0d95
- SHA256
  
  8ebd808b50ebe625ee9ff0c8593187f1214ff2e916eb391dd304028f1abba252
- SHA512
  
  0cf3476e9357c62dd77f96d4e7b3056edda6e2749a25fc7af50fc134e89ae0a8280addd5e7ef25c9e362453e6d2482e1118ce96f5b931ec3c70a5b678395155b
- SSDEEP
  
  1536:oKfI/s6MMj7dG0AjmDCs7JeYrR3tug5SstjC7ixg:/f565XdxaUegXusBCl
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  sqldeveloper/sqldeveloper/doc/dataminer_help.jar
- Size
  
  1.4MB
- MD5
  
  21ffc97090f202c872ae21c73d8a563f
- SHA1
  
  bd5b044fba3a436e5ebcdda78af943bbb8f037c3
- SHA256
  
  f20f560aa7e3d94c84c6b7da4975885ece48344b63133fa667be796ce3ee369c
- SHA512
  
  899320015947d90810947dfe9ca4864f3216309655372cd9c8546735c0fd42a5df4852572946760927aea71e7c23fc55beecb3533cbf5e60f9539680c990d5ab
- SSDEEP
  
  24576:yC4CozhCWDtOBN08koPikjLHuD0iR50U66DUhOETSI3aF0HNTLCIVTfLGq/oZDdZ:M9r8Cyi4c0E50UVdEOIJLCIVTSXhrX
Score

1^/10
behavioral27 behavioral28
- Target
  
  sqldeveloper/sqldeveloper/doc/sqldeveloper_help.jar
- Size
  
  2.4MB
- MD5
  
  7674e613e45bbf971a7c4a0cbc96a7d1
- SHA1
  
  6924b74c2b37a6c474454692def178f577bf5c00
- SHA256
  
  a11efebdb10c0ab46754254512da75f57edad73fe56077cb693212d8a27c13cf
- SHA512
  
  4c6f55284e1c79a7240e22af779b104e606c7accbba02450d61a8d65983a827805f74a3b385d37ff1b89fa96c7ac066294ae7f029d8a180c7252265ebe2737cb
- SSDEEP
  
  49152:EM+yfAmtemjgkBWzRb1pKN/jzK5lD4CXkM1IIi5rJNIBOBvbii3dZ4rwTQS:EM+yfAmRxB4BIN/nKzkCUMKIU1YObhki
Score

1^/10
behavioral29 behavioral30
- Target
  
  sqldeveloper/sqldeveloper/doc/welcome/de/Training.html
- Size
  
  2KB
- MD5
  
  473822154add2e446d9915331a25a876
- SHA1
  
  4dd53d465558155049200a24d8f9060dfb1f1f6d
- SHA256
  
  9b43cf03cf83ba42a8c9b6d6998e8c9f8ae384d4eaa57e06d03b42662d9eff12
- SHA512
  
  ab3653ff8800d45a8ae30cf908073a4282808e627e9d042f51621e593955fe57952727ae980ca81a4837d6dc48047756e9a58a5f33093baa7737311695cb4d6d
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32