Updates from the MaaS: new threats delivered through NullMixer
Tags
country: Armenia Azerbaijan Belarus France Italy Kazakhstan Kyrgyzstan Latvia Moldova Tajikistan Uzbekistan Russia Turkmenistan
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model External Proxy - T1090.002 Hardware - T1592.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Seo Poisoning - T1608.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID fd5fbf9f-e9c3-42f3-ae12-48e117551654
Fingerprint bdb5b8f9acb6a6c9
Analysis status DONE
Considered CTI value 2
Text language
Published March 27, 2023, 1:41 p.m.
Added to db March 27, 2023, 6:52 p.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline Updates from the MaaS: new threats delivered through NullMixer
Title Updates from the MaaS: new threats delivered through NullMixer
Detected Hints/Tags/Attributes 105/3/20
Source URLs
Redirection Url
Details Source https://securityaffairs.com/144092/malware/maas-threats-delivered-through-nullmixer-malware.html
URL Provider
Details Provider Source level domain
Details securityaffairs.com securityaffairs.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 164 https://media.cert.europa.eu/rss?type=category&id=SocialEngineering&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 77 
mega.nz
Details Domain 434 
medium.com
Details File 18 
crack.exe
Details File 3 
brg.exe
Details File 3 
lower.exe
Details File 10 
sqlcmd.exe
Details File 3 
kiffappe2.exe
Details File 3 
ss29.exe
Details File 2 
addnew.php
Details File 2 
c:\windows\sysnative\cmd.exe
Details File 2 
debug2.ps1
Details File 2 
debug20.ps1
Details File 2 
debug4.ps1
Details md5 2 
324db70fad161852fb9a12b202b6c8ad
Details md5 2 
53f9c2f2f1a755fc04130fd5e9fcaff4
Details md5 2 
6ffbbca108cfe838ca7138e381df210d
Details md5 2 
9725ec075e92e25ea5b6e99c35c7aa74
Details MITRE ATT&CK Techniques 36 
T1090.002
Details Threat Actor Identifier - APT 144 
APT38
Details Url 252 
https://medium.com