adwind | a44882003aae3c833f7540e12b9db89240b5f02669949e72cdc600485135e511 | Triage

Submit
Reports

Overview

overview

Static

static

NOIDEA.jar

windows10-2004-x64

7

NOIDEA.jar

windows11-21h2-x64

7

Sharing

General

Target

NOIDEA.jar
Size

2.3MB
Sample

240625-qlrlpsvflq
MD5

24a7587cb61f673472bdb49c370959d5
SHA1

22e57c86d7a81882e61030cff94d151eba13bd2f
SHA256

a44882003aae3c833f7540e12b9db89240b5f02669949e72cdc600485135e511
SHA512

7c6756b4d6fce3ebfccf110364f70f3c3b7d14acc9d9cbf6d56a61075dd80c2bc8ce531caeca0f9d60075627ba1e9fd957a513af241f0721f80ae1eff87a005a
SSDEEP

49152:FIQEEbC3k2EeKu3ThgcUe5BFYtACdY+ZJ1uI4eNSjJaa:FJEXk224ThgcUeYsCTuIkjJL

Score

10^/10

adwind discovery persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

NOIDEA.jar

Resource

win10v2004-20240508-en

discovery persistence

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

NOIDEA.jar

Resource

win11-20240611-en

discovery persistence

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  NOIDEA.jar
- Size
  
  2.3MB
- MD5
  
  24a7587cb61f673472bdb49c370959d5
- SHA1
  
  22e57c86d7a81882e61030cff94d151eba13bd2f
- SHA256
  
  a44882003aae3c833f7540e12b9db89240b5f02669949e72cdc600485135e511
- SHA512
  
  7c6756b4d6fce3ebfccf110364f70f3c3b7d14acc9d9cbf6d56a61075dd80c2bc8ce531caeca0f9d60075627ba1e9fd957a513af241f0721f80ae1eff87a005a
- SSDEEP
  
  49152:FIQEEbC3k2EeKu3ThgcUe5BFYtACdY+ZJ1uI4eNSjJaa:FJEXk224ThgcUeYsCTuIkjJL
Score

7^/10

discovery persistence
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2024

Terms | Privacy