17e2832ca2f23bcf605cde71c90beb2bf50895295f037ec820018906f8523ab8 | Triage

Sharing

General

Target

Cwelium.exe
Size

13.4MB
Sample

250125-wcdldavrap
MD5

75771f14e49b870f19f5c4c1501cf240
SHA1

5550db70ebe91e431ffd651c64ce43278df04c2e
SHA256

17e2832ca2f23bcf605cde71c90beb2bf50895295f037ec820018906f8523ab8
SHA512

0696f4a9e04ead22bade1351e1d8876b9f73e78fd4e7ee033ee758e47ae2ee1c74bdd07f0fbb88ca0d59037ccc1ef6bcf09a44dbaf224ca65b04719d9f46819b
SSDEEP

393216:A+xeGATUqeiiGo9dZoKu+xz6umO9+VkY/Tp80SkW6:beFTUHXGbKuqWDO9+asdPSo

Score

7^/10

Malware Config

Targets

- Target
  
  Cwelium.exe
- Size
  
  13.4MB
- MD5
  
  75771f14e49b870f19f5c4c1501cf240
- SHA1
  
  5550db70ebe91e431ffd651c64ce43278df04c2e
- SHA256
  
  17e2832ca2f23bcf605cde71c90beb2bf50895295f037ec820018906f8523ab8
- SHA512
  
  0696f4a9e04ead22bade1351e1d8876b9f73e78fd4e7ee033ee758e47ae2ee1c74bdd07f0fbb88ca0d59037ccc1ef6bcf09a44dbaf224ca65b04719d9f46819b
- SSDEEP
  
  393216:A+xeGATUqeiiGo9dZoKu+xz6umO9+VkY/Tp80SkW6:beFTUHXGbKuqWDO9+asdPSo
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3