0cf41c914fa47e70f5d4d478349158f7fdb66afa991d70c8bed225152880f409 | Triage

Sharing

General

Target

Cwelium.exe
Size

14.1MB
Sample

241012-tk1prsyepb
MD5

3ff58647b0c8381d4e6b0f58c61019d7
SHA1

2be537d98851f2db9e660f783fa8694b7a08a08e
SHA256

0cf41c914fa47e70f5d4d478349158f7fdb66afa991d70c8bed225152880f409
SHA512

f2376d9b0aede9b22d946480bd34925c5af0690bda9013827838389e0656bab1d576699657ced00ddf3693aebfee75da328a430b54075566d9ecf8661be390f7
SSDEEP

393216:BOS3nsV+GZGkF9e3LchJrB7GLKoatNmvT2Dpu:EV+TkFo3LC9tyatnDp

Score

7^/10

Malware Config

Targets

- Target
  
  Cwelium.exe
- Size
  
  14.1MB
- MD5
  
  3ff58647b0c8381d4e6b0f58c61019d7
- SHA1
  
  2be537d98851f2db9e660f783fa8694b7a08a08e
- SHA256
  
  0cf41c914fa47e70f5d4d478349158f7fdb66afa991d70c8bed225152880f409
- SHA512
  
  f2376d9b0aede9b22d946480bd34925c5af0690bda9013827838389e0656bab1d576699657ced00ddf3693aebfee75da328a430b54075566d9ecf8661be390f7
- SSDEEP
  
  393216:BOS3nsV+GZGkF9e3LchJrB7GLKoatNmvT2Dpu:EV+TkFo3LC9tyatnDp
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2