Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    16-02-2024 09:18

General

  • Target

    a002887520541f37f1b182856dd6ab7d.exe

  • Size

    4.2MB

  • MD5

    a002887520541f37f1b182856dd6ab7d

  • SHA1

    e352c82608132fd5c09a3b33cb3386d06bc702a0

  • SHA256

    b5f59efe6b0a0f207940166d338da8c9cc701b90680fda614f4d83aba011c6b8

  • SHA512

    4a8d2a0010a7b8b74662227ed679aab5bca07d6fbf47895408d010d45e20fa04d1cee1d41d53179a694750a7988356fb26dd3a92279d4533756dbba80126871e

  • SSDEEP

    49152:3Zmygd5Wp5rJRxCkUP876oK3j03M6jLEl3k:3uzgtJTCklYMf

Malware Config

Extracted

Family

nullmixer

C2

http://marisana.xyz/

Signatures

  • NullMixer

    NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.

  • PrivateLoader

    PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

Processes

  • C:\Users\Admin\AppData\Local\Temp\a002887520541f37f1b182856dd6ab7d.exe
    "C:\Users\Admin\AppData\Local\Temp\a002887520541f37f1b182856dd6ab7d.exe"
    PID: 2952

    Downloads

    • memory/2952-0-0x0000000000400000-0x000000000071E000-memory.dmp

      Filesize

      3.1MB