e289a8dcdbf730adc13799ecf0bc2217a43a80a660989bf160c2c9d38dec23f2 | Triage

Sharing

General

Target

Cwelium.exe
Size

12.8MB
Sample

240915-thnmes1gmf
MD5

7bbcd32674a9fdaaf5b5e5f066fcdab4
SHA1

3b10c3da29332c19495233003348a8c9838d5c1f
SHA256

e289a8dcdbf730adc13799ecf0bc2217a43a80a660989bf160c2c9d38dec23f2
SHA512

ee5b1ab82f74b5b0a31cc683b97b4adcf82483db8aa04cae3fdb6563287492ab71f7992e167f38c28efd664a810628ff645c0a174b3a4ba574e6b7f3764ebc92
SSDEEP

196608:rieBmOnMWLeYDr61E1H40rg9T+IRaM7fYPKUddpc1+i/jcnsr+iQ9zz92LURXt:rie0OnMzV1A40rMaPM08pgnVLzoLUp

Score

7^/10

Malware Config

Targets

- Target
  
  Cwelium.exe
- Size
  
  12.8MB
- MD5
  
  7bbcd32674a9fdaaf5b5e5f066fcdab4
- SHA1
  
  3b10c3da29332c19495233003348a8c9838d5c1f
- SHA256
  
  e289a8dcdbf730adc13799ecf0bc2217a43a80a660989bf160c2c9d38dec23f2
- SHA512
  
  ee5b1ab82f74b5b0a31cc683b97b4adcf82483db8aa04cae3fdb6563287492ab71f7992e167f38c28efd664a810628ff645c0a174b3a4ba574e6b7f3764ebc92
- SSDEEP
  
  196608:rieBmOnMWLeYDr61E1H40rg9T+IRaM7fYPKUddpc1+i/jcnsr+iQ9zz92LURXt:rie0OnMzV1A40rMaPM08pgnVLzoLUp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3