Extracted

• • Target

    main_setup_x86x64.exe

  • Size

    3.4MB

  • MD5

    0184f17ec998d5c082be90e0834bd0cb

  • SHA1

    7ca834cb8e3a94fad24ebad4c4ee6fe0c11fd27a

  • SHA256

    e69ffe0dd3f18c468d42cdf3e9494ec8c4e1709c15ccc00aead919d397be172a

  • SHA512

    e13de4e734dd4e5012d78ca3e434c55c03e940149eda6cd5a6bb29c85c1912a6bdc9c6f3cc904506997b536c046c146bf5757c2c486cd83e1927c62fbf77269e

  • SSDEEP

    98304:erBZLpBk7378X9xmFHwwpb7eZsKiWN7/wI4nA6:efLpC730AFQwpeZsON0dn

  Score

  10^/10

  nullmixeraspackv2dropper

  • NullMixer

    NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.

    droppernullmixer

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2