MUMU emulator is a Trojan horse Malicious

In fact, it’s a very impressive program in terms of performance, and it’s free.
I used it, but wondered why it’s free.
I then did some research, using virustotal and some other sites.
I did a lot of research.
I found that the program is malicious and uses hidden methods to steal information, making it difficult to detect.
I followed the graphics and the process from the beginning and found:

A Network Trojan was detected
Potential Corporate Privacy Violation
Detects a driver load from a temporary directory
Detects the load of a signed WinRing0 driver often used by threat actors, crypto miners (XMRIG) or malware for privilege escalation
Detect the creation of a service with a service binary located in a suspicious directory
Trojan.Shlem.ea
NemuDownloader.exe
HyperVChecker.exe

title: Driver Load From A Temporary Directory
id: 2c4523d5-d481-4ed0-8ec3-7fbf0cb41a75
status: test
description: Detects a driver load from a temporary directory
references:
– Internal Research
author: Florian Roth (Nextron Systems)
date: 2017-02-12
modified: 2021-11-27
tags:
– attack.persistence
– attack.privilege-escalation
– attack.t1543.003
logsource:
category: driver_load
product: windows
detection:
selection:
ImageLoaded|contains: ‘\Temp\’
condition: selection
falsepositives:
– There is a relevant set of false positives depending on applications in the environment
level: high

bidevazomu.com
9C10.tmp
biggestblazer.com

 

full report https://app.any.run/tasks/dd4f9986-90d6-4b1f-9287-72543e5518d6