nullmixer | e69ffe0dd3f18c468d42cdf3e9494ec8c4e1709c15ccc00aead919d397be172a | Triage

Submit
Reports

Overview

overview

Static

static

1

main_setup_x86x64.exe

windows7-x64

main_setup_x86x64.exe

windows10-2004-x64

Sharing

General

Target

main_setup_x86x64.exe
Size

3.4MB
Sample

230210-p99xhsad84
MD5

0184f17ec998d5c082be90e0834bd0cb
SHA1

7ca834cb8e3a94fad24ebad4c4ee6fe0c11fd27a
SHA256

e69ffe0dd3f18c468d42cdf3e9494ec8c4e1709c15ccc00aead919d397be172a
SHA512

e13de4e734dd4e5012d78ca3e434c55c03e940149eda6cd5a6bb29c85c1912a6bdc9c6f3cc904506997b536c046c146bf5757c2c486cd83e1927c62fbf77269e
SSDEEP

98304:erBZLpBk7378X9xmFHwwpb7eZsKiWN7/wI4nA6:efLpC730AFQwpeZsON0dn

Score

10^/10

nullmixer aspackv2 dropper

Static task

static1

Behavioral task

behavioral1

Sample

main_setup_x86x64.exe

Resource

win7-20221111-en

nullmixer aspackv2 dropper

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

main_setup_x86x64.exe

Resource

win10v2004-20221111-en

nullmixer aspackv2 dropper

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

nullmixer

C2

http://estrix.xyz/

Targets

- Target
  
  main_setup_x86x64.exe
- Size
  
  3.4MB
- MD5
  
  0184f17ec998d5c082be90e0834bd0cb
- SHA1
  
  7ca834cb8e3a94fad24ebad4c4ee6fe0c11fd27a
- SHA256
  
  e69ffe0dd3f18c468d42cdf3e9494ec8c4e1709c15ccc00aead919d397be172a
- SHA512
  
  e13de4e734dd4e5012d78ca3e434c55c03e940149eda6cd5a6bb29c85c1912a6bdc9c6f3cc904506997b536c046c146bf5757c2c486cd83e1927c62fbf77269e
- SSDEEP
  
  98304:erBZLpBk7378X9xmFHwwpb7eZsKiWN7/wI4nA6:efLpC730AFQwpeZsON0dn
Score

10^/10

nullmixer aspackv2 dropper
- NullMixer
  NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.
  dropper nullmixer
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

nullmixeraspackv2dropper

behavioral2

nullmixeraspackv2dropper

© 2018-2024

Terms | Privacy