wellmess | 95193266e37a3401a0becace6d41171ab2968ed5289d666043251d05552d02fc | Triage

Resubmissions

21-07-2022 15:43

220721-s6daxsgea5 10

29-07-2020 10:13

200729-htdzgvaz8x 6

Sharing

General

Target

wm.exe
Size

6.5MB
Sample

220721-s6daxsgea5
MD5

d7817bc8fc539fba6388907223773546
SHA1

505409528cec20ad4744513d83489b7025d23889
SHA256

95193266e37a3401a0becace6d41171ab2968ed5289d666043251d05552d02fc
SHA512

3f61fd9b1c534ad5a274d700e5ffcbd4901d1b449a49fb2f0c3b81aa0a997e9b6e2c77fa06470730bad3358f7be896a12dec5b6bab3b3a31e7a1d8907fb5e7eb

Score

10^/10

wellmess suricata

Malware Config

Extracted

Family

wellmess

C2

http://178.211.39.6:80

https://141.98.212.55:121

Targets

- Target
  
  wm.exe
- Size
  
  6.5MB
- MD5
  
  d7817bc8fc539fba6388907223773546
- SHA1
  
  505409528cec20ad4744513d83489b7025d23889
- SHA256
  
  95193266e37a3401a0becace6d41171ab2968ed5289d666043251d05552d02fc
- SHA512
  
  3f61fd9b1c534ad5a274d700e5ffcbd4901d1b449a49fb2f0c3b81aa0a997e9b6e2c77fa06470730bad3358f7be896a12dec5b6bab3b3a31e7a1d8907fb5e7eb
Score

10^/10

suricata
- suricata: ET MALWARE APT29/WellMess CnC Activity
  suricata: ET MALWARE APT29/WellMess CnC Activity
  suricata
- suricata: ET MALWARE APT29/Wellness CnC Host Checkin
  suricata: ET MALWARE APT29/Wellness CnC Host Checkin
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2