General

Target: gwui.dll
Size: 211KB
Sample: 220208-11v8jsffhq
Score: 10/10
MD5: ac581207ef80437a961f2ada3a47d763
SHA1: 62964395bbc5fbee65dac62e0233ce8377674b2c
SHA256: b6262f4aa06d0bf045d95e3fcbc142f1d1d98f053da5714e3570482f0cf93b65
SHA512: e0e079b3271cf71b582c6d1ea9326860f7c7467051c7aaacab7f19115390655341200fdba1e0b01e2b6225e8ed2efb0a1cdc55bd7fccb120060d89cb0d493bc2

Malware Config

Extracted

Family: cobaltstrike
C2: http://foxofeli.com:443/image-directory/dhl.jpg

Attributes

user_agent (the extractor stores the beacon's whole HTTP request header block under this attribute, not only the User-Agent value):
    Host: weibo.com
    Connection: close
    Accept-Language: fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9

Three points in this profile are worth noting for detection: the Host header (weibo.com) does not match the C2 host the beacon actually connects to (foxofeli.com); the C2 URL uses plain http:// on port 443, where TLS would be expected; and the User-Agent claims a macOS Safari client although the sample is a Windows DLL. All three are artefacts of the Malleable C2 profile rather than of any real browser.
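The following Python turns the indicators above into a file-hash matcher and a request scorer that can be run over proxy or IDS captures. It is an added example and not part of the sandbox report; the hash, URL and header values are copied from the report, while the function names, the two constructed sample requests and the client_os parameter are assumptions made for illustration.

```python
"""Detection helpers built from the indicators in this report.

Added example, not part of the sandbox output. Hash, URL and header
values are copied from the report; function names, the sample requests
and the client_os parameter are constructed for illustration.
"""
import hashlib
from urllib.parse import urlparse

# Indicators copied from the report (SHA-512 omitted here for brevity).
SAMPLE_HASHES = {
    "md5": "ac581207ef80437a961f2ada3a47d763",
    "sha1": "62964395bbc5fbee65dac62e0233ce8377674b2c",
    "sha256": "b6262f4aa06d0bf045d95e3fcbc142f1d1d98f053da5714e3570482f0cf93b65",
}
C2_URL = "http://foxofeli.com:443/image-directory/dhl.jpg"
# The report's "user_agent" attribute is the beacon's whole header block.
PROFILE_HEADERS = {
    "Host": "weibo.com",
    "Connection": "close",
    "Accept-Language": "fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5",
    "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) "
                  "AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9",
}

# Constructed sample traffic: what the beacon's first request to the C2 would
# look like on the wire, and an unrelated benign request for comparison.
BEACON_REQUEST = (
    "GET /image-directory/dhl.jpg HTTP/1.1\r\n"
    "Host: weibo.com\r\n"
    "Connection: close\r\n"
    "Accept-Language: fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5\r\n"
    "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) "
    "AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9\r\n"
    "\r\n"
)
BENIGN_REQUEST = (
    "GET /index.html HTTP/1.1\r\n"
    "Host: example.com\r\n"
    "User-Agent: curl/8.0\r\n"
    "\r\n"
)


def file_hashes(data: bytes) -> dict:
    """Hash file contents with the algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def is_known_sample(data: bytes) -> bool:
    """Match on SHA-256 only; MD5 and SHA-1 are kept for correlation, not for trust."""
    return file_hashes(data)["sha256"] == SAMPLE_HASHES["sha256"]


def parse_request(raw: str):
    """Split a raw HTTP/1.1 request into (method, path, headers); header names are lower-cased."""
    head = raw.split("\r\n\r\n", 1)[0]
    request_line, *header_lines = head.split("\r\n")
    method, path, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers


def beacon_indicators(raw_request: str, dst_host: str, dst_port: int, client_os=None) -> list:
    """Return the reasons a captured request is flagged against this report's C2 profile.

    dst_host/dst_port are the server actually connected to (from the flow record),
    which is what exposes the Host header mismatch. client_os is the OS of the
    client machine if known (assumed parameter); "windows" enables the UA check.
    """
    c2 = urlparse(C2_URL)
    _method, path, headers = parse_request(raw_request)
    reasons = []
    # 1. Exact match on the report's C2 host, port and path.
    if dst_host == c2.hostname and dst_port == c2.port and path == c2.path:
        reasons.append("c2_url_match")
    # 2. A parseable cleartext request on 443 means HTTP where TLS is expected.
    if dst_port == 443:
        reasons.append("cleartext_http_on_443")
    # 3. Host header names a server other than the one contacted.
    if headers.get("host", "").lower() != dst_host.lower():
        reasons.append("host_header_mismatch")
    # 4. User-Agent and Accept-Language together reproduce the Malleable C2 profile.
    if (headers.get("user-agent") == PROFILE_HEADERS["User-Agent"]
            and headers.get("accept-language") == PROFILE_HEADERS["Accept-Language"]):
        reasons.append("c2_header_profile_match")
    # 5. A Windows host (the sample is a DLL) claiming to be a macOS Safari client.
    if client_os == "windows" and "Macintosh" in headers.get("user-agent", ""):
        reasons.append("ua_os_mismatch")
    return reasons


if __name__ == "__main__":
    print(beacon_indicators(BEACON_REQUEST, "foxofeli.com", 443, client_os="windows"))
    print(beacon_indicators(BENIGN_REQUEST, "example.com", 80, client_os="windows"))
```

A Host header that differs from the connected server also occurs legitimately behind CDNs and reverse proxies, so "host_header_mismatch" on its own is a weak signal; the profile match combined with cleartext HTTP on 443 is what should raise the alert, and the URL match is the only indicator that survives a change of profile.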
Targets

Target: gwui.dll (211KB, score 10/10; MD5, SHA1, SHA256 and SHA512 as listed under General)
MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation. No techniques are mapped to them in this report.
Tasks

static1: score N/A
behavioral1: score 10/10
behavioral2: score 10/10