General
-
Target
800626880b206896d6057ddf914d13dacaba7849c0499dae43c9a46a8062f448
-
Size
216KB
-
Sample
220128-yqmgjscfa9
-
MD5
0bff7092fb2836a35f802140ffee8edc
-
SHA1
bf32f5a6aa02f8d94406fdd14bb919e283af0499
-
SHA256
800626880b206896d6057ddf914d13dacaba7849c0499dae43c9a46a8062f448
-
SHA512
939ad07c4b9e0a8524ee9d1c9cc63310477a4e0a37f5527d8934b8d6dda29687dd1ff7bd33ee05be6b36102c667394f6a4a6756eb370c53136c35c928efe0211
Static task
static1
Behavioral task
behavioral1
Sample
800626880b206896d6057ddf914d13dacaba7849c0499dae43c9a46a8062f448.msi
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
800626880b206896d6057ddf914d13dacaba7849c0499dae43c9a46a8062f448.msi
Resource
win10-en-20211208
Malware Config
Targets
-
-
Target
800626880b206896d6057ddf914d13dacaba7849c0499dae43c9a46a8062f448
Score 10/10
Andromut
AndroMut is a downloader written in C++. It was first observed in June 2019.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-