Overview

overview

10

Static

static

10

1ae5885f83...18.exe

windows7-x64

10

1ae5885f83...18.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29-03-2024 06:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ae5885f834ae2acc19e025079325eb9_JaffaCakes118.exe

  • Size

    2.1MB

  • MD5

    1ae5885f834ae2acc19e025079325eb9

  • SHA1

    8d2f3f4687e67a94f2d35cb8ff4dd421145b2d98

  • SHA256

    b0707edfd4434aed01ef76dd9d6d6d439e7f2d3afdee59ac69dd6abd82f2ac14

  • SHA512

    333ecabf15ea6dc80f4214394043877ee44cabdd5b5e966e3164cc47acc7b278c825f94507a209062913d752d82cb0322c21bf9fd819ec23018e46e3c2dc6fde

  • SSDEEP

    24576:4mBF4ESWGYbYNIVLkd10Niv2Zmpc32cxWjxrfl3juQ55313N:4mBF4E9l32ckd7l3F

Score
10/10
nullmixerdropper

Malware Config

Extracted

Family

nullmixer

C2

http://hsiens.xyz/

Signatures

  • NullMixer

    NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.

    droppernullmixer

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ae5885f834ae2acc19e025079325eb9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1ae5885f834ae2acc19e025079325eb9_JaffaCakes118.exe"
    1⤵
      PID:2784

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2784-0-0x0000000000400000-0x000000000051C000-memory.dmp

      Filesize

      1.1MB

      Download