General

  • Target

    d50f2affefc8e6b74d71ebde456205af_JaffaCakes118

  • Size

    8.2MB

  • Sample

    241208-d6snaa1jav

  • MD5

    d50f2affefc8e6b74d71ebde456205af

  • SHA1

    90b7114547e3123f53ae471683960f92fc0eec1f

  • SHA256

    33960eba7c214f99318c2f115e816214e76cadbc264b08671278acd116d601b5

  • SHA512

    7702603329b91748d7255701782b735cd40decc02f671a9a37704228f7b2565e0e957eaac41a8f100f4ecc19409fcffd3f73787ef7bbef4e6ad7988d85e460d4

  • SSDEEP

    98304:DTfbcmZ0c5YJ8lJhrFzo4nHo4SpM4Xd8bdFYCITWvfWf9wQav:Dfl5p3gN8Zw/f/s

Malware Config

Extracted

Family

nullmixer

C2

http://watira.xyz/

Targets

    • Target

      d50f2affefc8e6b74d71ebde456205af_JaffaCakes118

    • Size

      8.2MB

    • MD5

      d50f2affefc8e6b74d71ebde456205af

    • SHA1

      90b7114547e3123f53ae471683960f92fc0eec1f

    • SHA256

      33960eba7c214f99318c2f115e816214e76cadbc264b08671278acd116d601b5

    • SHA512

      7702603329b91748d7255701782b735cd40decc02f671a9a37704228f7b2565e0e957eaac41a8f100f4ecc19409fcffd3f73787ef7bbef4e6ad7988d85e460d4

    • SSDEEP

      98304:DTfbcmZ0c5YJ8lJhrFzo4nHo4SpM4Xd8bdFYCITWvfWf9wQav:Dfl5p3gN8Zw/f/s

    • NullMixer

      NullMixer is a malware dropper leading to an infection chain of a wide variety of malware families.

    • Nullmixer family

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • Privateloader family

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Socelars family

    • Socelars payload

MITRE ATT&CK Enterprise v15

Tasks