General
-
Target
YamyNuked.exe
-
Size
21.2MB
-
Sample
211022-aacemsbhbl
-
MD5
3964898dbb55586bf55556ab95bf277b
-
SHA1
885b9510982e0713a8f036d404c1ab23f34a7b60
-
SHA256
774c3c82a6ba75819070cca4d14f0df9329ebfe5b4dbb2e61423f95281ae7e6d
-
SHA512
3404856a6a66b1ac8cf45d01cf7b07c7079ec53c67b21ca5148406057c212a02acf9cabc74aa5e82596d8a55a26497d93196b3d42627f5ec885032aae4ebc290
Static task
static1
Behavioral task
behavioral1
Sample
YamyNuked.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
YamyNuked.exe
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
YamyNuked.exe
-
Size
21.2MB
-
MD5
3964898dbb55586bf55556ab95bf277b
-
SHA1
885b9510982e0713a8f036d404c1ab23f34a7b60
-
SHA256
774c3c82a6ba75819070cca4d14f0df9329ebfe5b4dbb2e61423f95281ae7e6d
-
SHA512
3404856a6a66b1ac8cf45d01cf7b07c7079ec53c67b21ca5148406057c212a02acf9cabc74aa5e82596d8a55a26497d93196b3d42627f5ec885032aae4ebc290
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-