nymaim | ff1871aa671aaa0cbaa631c09adfe6961bb6aee9d38f1d021b68e441f3cda07c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

ff1871aa671aaa0cbaa631c09adfe6961bb6aee9d38f1d021b68e441f3cda07c
Size

396KB
Sample

220623-s2c5csgec8
MD5

0dda43464a9206fa78f10058b38903fa
SHA1

7ee44b7934e06b9b30628eba2b1abec9874cc2c3
SHA256

ff1871aa671aaa0cbaa631c09adfe6961bb6aee9d38f1d021b68e441f3cda07c
SHA512

f0905b90403e8706556823900ba72597ee993a95ef27e5a06a16217fdb7f6e47efb9d23c0e90a3f814efdda75464b656a988c6d5765e3db35c42d1f6a85035b6

Score

10^/10

nymaim trojan

Static task

static1

Behavioral task

behavioral1

Sample

ff1871aa671aaa0cbaa631c09adfe6961bb6aee9d38f1d021b68e441f3cda07c.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

nymaim

C2

37.0.8.39

31.210.20.149

212.192.241.16

Targets

- Target
  
  ff1871aa671aaa0cbaa631c09adfe6961bb6aee9d38f1d021b68e441f3cda07c
- Size
  
  396KB
- MD5
  
  0dda43464a9206fa78f10058b38903fa
- SHA1
  
  7ee44b7934e06b9b30628eba2b1abec9874cc2c3
- SHA256
  
  ff1871aa671aaa0cbaa631c09adfe6961bb6aee9d38f1d021b68e441f3cda07c
- SHA512
  
  f0905b90403e8706556823900ba72597ee993a95ef27e5a06a16217fdb7f6e47efb9d23c0e90a3f814efdda75464b656a988c6d5765e3db35c42d1f6a85035b6
Score

10^/10

nymaim trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy