27955548d4580b473ddbfa59505e5be35947554803fc8402c57fdceeff9ebb5e

Sharing

Copy URL Twitter E-mail

General

Target

Mullvad.7z
Size

178KB
Sample

240530-rq6rvscf47
MD5

8c457ec404a05e51f457508a172d4518
SHA1

9bb952cd9f99d8ee81afa60ad44384e47d905327
SHA256

27955548d4580b473ddbfa59505e5be35947554803fc8402c57fdceeff9ebb5e
SHA512

e60727b5bf562029efcfd117d6567ef7b8462c339e8169ab5103bad40cc43929757d36492f468b9d2831478aa398e461e9aec3db4341aa687c0d1ef47c506ac1
SSDEEP

3072:85GOlp2emrh7dGX2UNPqvM9fn9Agb7uQOYT6XzdBnKjfixxSnv9onguBGlC:E3/sIX21M5b5rsdBKjKxxS8GlC

Score

7^/10

Malware Config

Targets

- Target
  
  Enums.NET.dll
- Size
  
  120KB
- MD5
  
  511ad7d19f538a7071f9677224ab3922
- SHA1
  
  061373168bdb4ca9f4e3d3d6fe50a22b05a640bc
- SHA256
  
  27fadb63c7b1fb4b80bbc58982f218ae277f802bbc360f1db09b4ffba2e1938f
- SHA512
  
  784bc5c5ccc5843a264d3f3b8ffa49eb35eae09c34b9a140972057b2cfa5d3e002bc7b751b89ef6071771da0e460eab9247e8f2d3d733ea0c5946d6f58b4bd2e
- SSDEEP
  
  1536:ZiR2Llc+fvUANZJPQbsMfFSv2b3j6UIcd4mU30RqPGk6mla:Zo2J6AFGfFSeb7Iy4bERi6mla
Score

1^/10
behavioral1 behavioral2
- Target
  
  Mullvad.Checker.dll
- Size
  
  24KB
- MD5
  
  2c1422dd9490fe0146adbd5d68eb8913
- SHA1
  
  c1ff2cd490e9f7d02b83c1f549b6315cf51eb9b3
- SHA256
  
  c1acb9fa32beb378652fb53611933d18d637c57bd245ca8260eb28e3e02e5759
- SHA512
  
  2b3cfb13128cba9af6725e2bfc52c7a1258ad740500d4b8c5328677b999c4e090af4c14d203edac49f0b0f9fbf8183833bcaafa128ad2788f3cfacbd302a7b2e
- SSDEEP
  
  384:ALWmP7x61xeawjZWzYJVIzqEj6v6kc13C8UF9mVlhuaPvA5LfO9qCsIURq:YBzUMWzYAmEj6p8DlhvPv0BCsIUs
Score

1^/10
behavioral3 behavioral4
- Target
  
  Mullvad.Checker.exe
- Size
  
  139KB
- MD5
  
  ea0d62cc90eea87352e272bea77b97e2
- SHA1
  
  429d582e0f294ade34084a4eafe472fb97c31013
- SHA256
  
  8a187dd1b587c6d8ef942c4ddc32f1cb14ae0894c0943286cb3f74386d27dc04
- SHA512
  
  4de7c405ef263eca0a1e9ad7ba74a04c8ace55935031bb18689ed5a7aa5290c32e30908852ccbb1121b1f3038eaec94f35db82b05e9426ea05c76de0f9ff2068
- SSDEEP
  
  3072:+iS4omp03WQthI/9S3BZi08iRQ1G78IVn2ebSkcJE8ltmCsIUs:+iS4ompB9S3BZi0a1G78IVhc+ct
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  Mullvad.Generator.dll
- Size
  
  9KB
- MD5
  
  a37a38a389a624308ac98ccb7f2094d2
- SHA1
  
  ac18b5d03fdf731e81d64e03b7ac9d5f7f5dc821
- SHA256
  
  eeb4879c7910f1a658a62d9554cb0ae8a9be06648a28d6de2d6408806dd00f05
- SHA512
  
  967d8fd15180ea6214d5ef3ea4ec226dce1e91c2d9516b113a9dde4d200968b6b6c4fead8a0e4205e2f6f61255c2d0a6be8d2efaa5bf0df62bab4cbfddc9d284
- SSDEEP
  
  96:hEGKZT9TwzSCa56JRG6+f+EBZw+FW32PheVTI3oeRnUKfuBzNt:Y99sznagbz+FZw+FWuZ9uD
Score

1^/10
behavioral7 behavioral8
- Target
  
  Mullvad.Generator.exe
- Size
  
  139KB
- MD5
  
  493fef9d357c578cb3146c1acf56a8db
- SHA1
  
  0c90022fdf93ec0b1e22069fde670e9dee3007bf
- SHA256
  
  a5d226affb5dbeee04c728c58b0064efe75fdb695f2f211337c5ed0d322936fc
- SHA512
  
  f1dabf51172154ec3255d41e35efa8b68c2f846bf500fa9315c744abacfc7dc4be568f41d7b844766b7e49a176184d12d6e0fec70cea396f6f698a96b585b831
- SSDEEP
  
  3072:miS4omp03WQthI/9S3BZi08iRQ1G78IVn2ebSkcJe8lt+:miS4ompB9S3BZi0a1G78IVhc8ct
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10