9939367240b5d4574fe950ec6deb748b4a62863d30e11743b8bb2c3d89391a9e | Triage

Sharing

General

Target

Cwelium.exe
Size

14.2MB
Sample

241107-v334aawgmm
MD5

006f987a3024b6a6b4266b33c7d15e5d
SHA1

92637b2d1da516653b3647d02a37f32f6de92c14
SHA256

9939367240b5d4574fe950ec6deb748b4a62863d30e11743b8bb2c3d89391a9e
SHA512

611a3bfa04d5cd66a7e84f2cb276e4c454248b38c7cc9406fbf649681e0a3186d02e3065b981f576b8681fd524abaa1dc2ad7b8834c6954d44d02eed07d622dd
SSDEEP

393216:oreQYUazI1IaoL4sva6W29YEhDG07BOHtPgQhRR:QeNBBcsvq2Bz1OGQb

Score

7^/10

Malware Config

Targets

- Target
  
  Cwelium.exe
- Size
  
  14.2MB
- MD5
  
  006f987a3024b6a6b4266b33c7d15e5d
- SHA1
  
  92637b2d1da516653b3647d02a37f32f6de92c14
- SHA256
  
  9939367240b5d4574fe950ec6deb748b4a62863d30e11743b8bb2c3d89391a9e
- SHA512
  
  611a3bfa04d5cd66a7e84f2cb276e4c454248b38c7cc9406fbf649681e0a3186d02e3065b981f576b8681fd524abaa1dc2ad7b8834c6954d44d02eed07d622dd
- SSDEEP
  
  393216:oreQYUazI1IaoL4sva6W29YEhDG07BOHtPgQhRR:QeNBBcsvq2Bz1OGQb
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3