nullmixer | 3902b41713df7a020e132b2262c80f1a6b06dc9d712b2ff7a4f3ad45ce01d369 | Triage

Sharing

General

Target

a87fca13dda7e31fb6436e2745399bc7_JaffaCakes118
Size

6.8MB
Sample

241127-stvz7svqfn
MD5

a87fca13dda7e31fb6436e2745399bc7
SHA1

5258fc53cdedc2596c763281821c0a533d09f235
SHA256

3902b41713df7a020e132b2262c80f1a6b06dc9d712b2ff7a4f3ad45ce01d369
SHA512

c37c1483086420cc6bea0f4128925fc7bb66a6152f7a0d5dc32b2c40e2e6a025a8b7d244df2d5d8028ebfb9e962db42dcf227a72a411a002aba58cb60b5357ea
SSDEEP

98304:p4pfbcmZ68grGU9bdFYCITWvfEl5f9wQ91:p4ROdyU9Zw5vf/D

Score

10^/10

nullmixer privateloader discovery dropper loader

Malware Config

Extracted

Family

nullmixer

C2

http://marisana.xyz/

Targets

- Target
  
  a87fca13dda7e31fb6436e2745399bc7_JaffaCakes118
- Size
  
  6.8MB
- MD5
  
  a87fca13dda7e31fb6436e2745399bc7
- SHA1
  
  5258fc53cdedc2596c763281821c0a533d09f235
- SHA256
  
  3902b41713df7a020e132b2262c80f1a6b06dc9d712b2ff7a4f3ad45ce01d369
- SHA512
  
  c37c1483086420cc6bea0f4128925fc7bb66a6152f7a0d5dc32b2c40e2e6a025a8b7d244df2d5d8028ebfb9e962db42dcf227a72a411a002aba58cb60b5357ea
- SSDEEP
  
  98304:p4pfbcmZ68grGU9bdFYCITWvfEl5f9wQ91:p4ROdyU9Zw5vf/D
Score

10^/10

nullmixer privateloader dropper loader discovery
- NullMixer
  NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.
  dropper nullmixer
- Nullmixer family
  nullmixer
- PrivateLoader
  PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
  loader privateloader
- Privateloader family
  privateloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

nullmixerprivateloader

behavioral1

nullmixerprivateloaderdropperloader

behavioral2