nymaim | 5ad7bdd389745dec1a0b0b8b3de96281984000057fe73178e78732db937775db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

358KB
Sample

220916-lc2cbsfbh7
MD5

74857dc0f835003cc1b6438fba3b09ec
SHA1

b08574df206b42bcfe4f930374f3fe20f854d66f
SHA256

5ad7bdd389745dec1a0b0b8b3de96281984000057fe73178e78732db937775db
SHA512

afb31bdd62423c25365f8f061cd9a6b7a2890eaf7e74c3c5189e94da37f30e56915b8377f7ddecd38318b79e983374f29e83524fd9d3ae30c6cf3a24213380d6
SSDEEP

6144:SvpUQwa++5nbNg8sxkqZTOBWN6pVTv0mrZnigaH:ShU3h+5bNbg7aoy48iP

Score

10^/10

nymaim trojan

Malware Config

Extracted

Family

nymaim

C2

208.67.104.97

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  358KB
- MD5
  
  74857dc0f835003cc1b6438fba3b09ec
- SHA1
  
  b08574df206b42bcfe4f930374f3fe20f854d66f
- SHA256
  
  5ad7bdd389745dec1a0b0b8b3de96281984000057fe73178e78732db937775db
- SHA512
  
  afb31bdd62423c25365f8f061cd9a6b7a2890eaf7e74c3c5189e94da37f30e56915b8377f7ddecd38318b79e983374f29e83524fd9d3ae30c6cf3a24213380d6
- SSDEEP
  
  6144:SvpUQwa++5nbNg8sxkqZTOBWN6pVTv0mrZnigaH:ShU3h+5bNbg7aoy48iP
Score

10^/10

nymaim trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2