Malware Analysis Report

2024-11-13 19:35

Sample ID 230209-xlc7msge91
Target 0x0007000000012741-63.dat
SHA256 f45503899a8be5a339c32cde00f3bdf71a4149a9728d3316b15e62f2cb1c7204
Tags
nullmixer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

f45503899a8be5a339c32cde00f3bdf71a4149a9728d3316b15e62f2cb1c7204

Threat Level: Known bad

The file 0x0007000000012741-63.dat was found to be: Known bad.

Malicious Activity Summary

nullmixer

Nullmixer family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-02-09 18:56

Signatures

Nullmixer family

nullmixer

Analysis: behavioral2

Detonation Overview

Submitted

2023-02-09 18:56

Reported

2023-02-09 18:58

Platform

win10v2004-20220901-en

Max time kernel

90s

Max time network

155s

Command Line

"C:\Users\Admin\AppData\Local\Temp\0x0007000000012741-63.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\0x0007000000012741-63.exe

"C:\Users\Admin\AppData\Local\Temp\0x0007000000012741-63.exe"

Network

Country Destination Domain Proto
NL 8.238.21.254:80 tcp
US 93.184.220.29:80 tcp
US 20.189.173.12:443 tcp
NL 8.238.21.254:80 tcp
NL 8.238.21.254:80 tcp
NL 8.238.21.254:80 tcp
NL 8.238.21.254:80 tcp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-02-09 18:56

Reported

2023-02-09 18:58

Platform

win7-20220812-en

Max time kernel

42s

Max time network

47s

Command Line

"C:\Users\Admin\AppData\Local\Temp\0x0007000000012741-63.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\0x0007000000012741-63.exe

"C:\Users\Admin\AppData\Local\Temp\0x0007000000012741-63.exe"

Network

N/A

Files

N/A