General
-
Target
22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
-
Size
204KB
-
Sample
220128-1xyt9sfaf5
-
MD5
a5f05ed9179d637a450fca303a6fa821
-
SHA1
dff059d0723bb9e4934425b88d61380abd8c575e
-
SHA256
22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
-
SHA512
97c9a3dfb5609af280671347d35e6d488679139b46703fc1226189c4068cc48e755497604be0425a6377602ad9331fc3cbe7dcea70fe1fb1c01ddd093e678b0e
Static task
static1
Behavioral task
behavioral1
Sample
22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c.msi
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c.msi
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
22709a6347d8b3157344165ab816ef0408154ddc5c9637c76d20147739a0252c
Score 10/10
Andromut
AndroMut is a downloader written in C++; it was first observed in June 2019.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-