b52721bf53c98af2059c7b0aa4cb0255af0b1abe89b0630dd3fc5faa0d331bd9 | Triage

Sharing

General

Target

Cwelium.exe
Size

13.4MB
Sample

241213-wpnxwawqfw
MD5

1970691985cfa519e5d7cd4d318da84d
SHA1

f26399239532055cb0ff59e5f05e5790aadd6c60
SHA256

b52721bf53c98af2059c7b0aa4cb0255af0b1abe89b0630dd3fc5faa0d331bd9
SHA512

dc49b26a530c3a33b2f899d0ec9d620ad782fb1d1c45ae265674abaf22e87e20161eafea74fb121a470c9889efa31c63eb5542a7612c0745d07362f93e426f37
SSDEEP

393216:np/NZLsx7vSjIZkybHj3qBnEFx8igxT51BmJ8X6vS3v1yiFnUGqPFX:np1Z4x7aUzbHDqBE7jAcJ8XkS3siFPq

Score

7^/10

Malware Config

Targets

- Target
  
  Cwelium.exe
- Size
  
  13.4MB
- MD5
  
  1970691985cfa519e5d7cd4d318da84d
- SHA1
  
  f26399239532055cb0ff59e5f05e5790aadd6c60
- SHA256
  
  b52721bf53c98af2059c7b0aa4cb0255af0b1abe89b0630dd3fc5faa0d331bd9
- SHA512
  
  dc49b26a530c3a33b2f899d0ec9d620ad782fb1d1c45ae265674abaf22e87e20161eafea74fb121a470c9889efa31c63eb5542a7612c0745d07362f93e426f37
- SSDEEP
  
  393216:np/NZLsx7vSjIZkybHj3qBnEFx8igxT51BmJ8X6vS3v1yiFnUGqPFX:np1Z4x7aUzbHDqBE7jAcJ8XkS3siFPq
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3