nymaim | 1faf2a191de3233262fab81e8ffb9a58314019b06f76fb43798bd194897a3935 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file
Size

392KB
Sample

220916-vhng4acabq
MD5

3e74f8779fd525355e262cca7d5197ea
SHA1

a7c8b45b9695e485d276ff2f45897722168abf35
SHA256

1faf2a191de3233262fab81e8ffb9a58314019b06f76fb43798bd194897a3935
SHA512

60ffecf1661de9a700d30b6e7de653c236eef2f8c4605f6a0810804b7c4dc91c8e8ad746ae007b0f5c2fd5377e10cadbc52657c3de071bb0147e3b5503da1167
SSDEEP

6144:x5WhuS3kEPa/aW8W7OtTL+EDV4WafP9dhwQKf0PBV3nigabwVf:x5OuS3yFrEDV4NfCQB73i

Score

10^/10

nymaim trojan

Malware Config

Extracted

Family

nymaim

C2

208.67.104.97

85.31.46.167

Targets

- Target
  
  file
- Size
  
  392KB
- MD5
  
  3e74f8779fd525355e262cca7d5197ea
- SHA1
  
  a7c8b45b9695e485d276ff2f45897722168abf35
- SHA256
  
  1faf2a191de3233262fab81e8ffb9a58314019b06f76fb43798bd194897a3935
- SHA512
  
  60ffecf1661de9a700d30b6e7de653c236eef2f8c4605f6a0810804b7c4dc91c8e8ad746ae007b0f5c2fd5377e10cadbc52657c3de071bb0147e3b5503da1167
- SSDEEP
  
  6144:x5WhuS3kEPa/aW8W7OtTL+EDV4WafP9dhwQKf0PBV3nigabwVf:x5OuS3yFrEDV4NfCQB73i
Score

10^/10

nymaim trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2