adwind | 66fedddd6c9d24a6a1bf9547b2eaa75bc65db57ab0991f0fa31694449d13af51 | Triage

Submit
Reports

Overview

overview

Static

static

spoofer.jar

windows10-2004-x64

7

Sharing

General

Target

spoofer.jar
Size

639KB
Sample

240627-q53hbawgpr
MD5

de2903a8f29d98683f72aaf24bbda691
SHA1

ec1e67c09afa0410685b793c9ef6f1fd64fa6e07
SHA256

66fedddd6c9d24a6a1bf9547b2eaa75bc65db57ab0991f0fa31694449d13af51
SHA512

96157fa67635e0f6aaa09fe0aba92733ca335c9ec76b33420d0dd954828c6318c4a9e90c9147ed115afa2fda73a62f7723ed783d894d2f4f45a5c0c6d199a317
SSDEEP

12288:E/LPQT/1xHuhp4Vj0PmbgW/bRn+9RANWLEg6Z2RT63Auk25sSIdD0q:E/TQLTuT4BrbgWV20WLJ4hAu55vIdD0q

Score

10^/10

adwind discovery persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

spoofer.jar

Resource

win10v2004-20240611-en

discovery persistence

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  spoofer.jar
- Size
  
  639KB
- MD5
  
  de2903a8f29d98683f72aaf24bbda691
- SHA1
  
  ec1e67c09afa0410685b793c9ef6f1fd64fa6e07
- SHA256
  
  66fedddd6c9d24a6a1bf9547b2eaa75bc65db57ab0991f0fa31694449d13af51
- SHA512
  
  96157fa67635e0f6aaa09fe0aba92733ca335c9ec76b33420d0dd954828c6318c4a9e90c9147ed115afa2fda73a62f7723ed783d894d2f4f45a5c0c6d199a317
- SSDEEP
  
  12288:E/LPQT/1xHuhp4Vj0PmbgW/bRn+9RANWLEg6Z2RT63Auk25sSIdD0q:E/TQLTuT4BrbgWV20WLJ4hAu55vIdD0q
Score

7^/10

discovery persistence
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistence

© 2018-2024

Terms | Privacy