eff7c642084f3930e8cd8391c4d81964bab21234e4a8666a8ad71c1ca9218a91 | Triage

Sharing

General

Target

MuMuInstaller_1.5.0.6_overseas-v2.7.20.0x64_all_1678970676.exe
Size

5.0MB
Sample

230322-acgr5sdh25
MD5

529f667812cf9e1d22e3d89116b58188
SHA1

e8607d35f33df1ac180611afeb606282234f4d0d
SHA256

eff7c642084f3930e8cd8391c4d81964bab21234e4a8666a8ad71c1ca9218a91
SHA512

f1d93b88db2fd3d838375c37f2be019b743dd36b394a55c60e363afcba9fbd4a0e368140695eac28864a10ee3178766c8b4ab4c4d3f10694af585d3746c96d85
SSDEEP

98304:DealaARPaKusu7RfLUOnGsMZB1FVNtTuF3xhu3qNIsc02vDRZTEh:KaBPaHsuFwOnGsEVNW3x83qysc02vVZg

Score

7^/10

Malware Config

Targets

- Target
  
  MuMuInstaller_1.5.0.6_overseas-v2.7.20.0x64_all_1678970676.exe
- Size
  
  5.0MB
- MD5
  
  529f667812cf9e1d22e3d89116b58188
- SHA1
  
  e8607d35f33df1ac180611afeb606282234f4d0d
- SHA256
  
  eff7c642084f3930e8cd8391c4d81964bab21234e4a8666a8ad71c1ca9218a91
- SHA512
  
  f1d93b88db2fd3d838375c37f2be019b743dd36b394a55c60e363afcba9fbd4a0e368140695eac28864a10ee3178766c8b4ab4c4d3f10694af585d3746c96d85
- SSDEEP
  
  98304:DealaARPaKusu7RfLUOnGsMZB1FVNtTuF3xhu3qNIsc02vDRZTEh:KaBPaHsuFwOnGsEVNW3x83qysc02vVZg
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2