andromut | 22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c | Triage

Submit
Reports

Overview

overview

Static

static

22709a6347...2c.msi

windows7_x64

22709a6347...2c.msi

windows10_x64

Sharing

General

Target

22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
Size

204KB
Sample

220128-1xyt9sfaf5
MD5

a5f05ed9179d637a450fca303a6fa821
SHA1

dff059d0723bb9e4934425b88d61380abd8c575e
SHA256

22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
SHA512

97c9a3dfb5609af280671347d35e6d488679139b46703fc1226189c4068cc48e755497604be0425a6377602ad9331fc3cbe7dcea70fe1fb1c01ddd093e678b0e

Score

10^/10

andromut downloader evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c.msi

Resource

win7-en-20211208

andromut downloader evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c.msi

Resource

win10-en-20211208

andromut downloader evasion trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
- Size
  
  204KB
- MD5
  
  a5f05ed9179d637a450fca303a6fa821
- SHA1
  
  dff059d0723bb9e4934425b88d61380abd8c575e
- SHA256
  
  22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
- SHA512
  
  97c9a3dfb5609af280671347d35e6d488679139b46703fc1226189c4068cc48e755497604be0425a6377602ad9331fc3cbe7dcea70fe1fb1c01ddd093e678b0e
Score

10^/10

andromut downloader evasion trojan
- Andromut
  AndroMut is a downloader written in C++, it was first observed in June 2019.
  trojan downloader andromut
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

andromutdownloaderevasiontrojan

behavioral2

andromutdownloaderevasiontrojan

© 2018-2024

Terms | Privacy