nymaim | 8bd2c018f4b7e8991317131ae43241037f3060a441ce75cfbec1af1b89fd4e42 | Triage

Sharing

General

Target

file.exe
Size

357KB
Sample

220916-f8va1aaeck
MD5

667a568749310a12d5ba992fd0159ba9
SHA1

be6741802e61ed51da5ff8463cd2f56dca852b05
SHA256

8bd2c018f4b7e8991317131ae43241037f3060a441ce75cfbec1af1b89fd4e42
SHA512

25f129accf4b616adda8c11b35e93ac1907df812037b65c9eac1087510700e9f3cbd03df21c3dbf40418402b5b425c01ab64cd2cae217e30cbf949de8448c945
SSDEEP

6144:itkDe1SCJrdrQxFwDRCkEphjClCMTVBt18DBnG0rYnigan:iyKPtQx2DRl4hmlCYf81kiP

Score

10^/10

nymaim trojan

Malware Config

Extracted

Family

nymaim

C2

208.67.104.97

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  357KB
- MD5
  
  667a568749310a12d5ba992fd0159ba9
- SHA1
  
  be6741802e61ed51da5ff8463cd2f56dca852b05
- SHA256
  
  8bd2c018f4b7e8991317131ae43241037f3060a441ce75cfbec1af1b89fd4e42
- SHA512
  
  25f129accf4b616adda8c11b35e93ac1907df812037b65c9eac1087510700e9f3cbd03df21c3dbf40418402b5b425c01ab64cd2cae217e30cbf949de8448c945
- SSDEEP
  
  6144:itkDe1SCJrdrQxFwDRCkEphjClCMTVBt18DBnG0rYnigan:iyKPtQx2DRl4hmlCYf81kiP
Score

10^/10

nymaim trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2