nymaim | 87b3c14719911288aeee859ae75fc2e186ab5907435f80390ccba14440490bfc | Triage

Sharing

General

Target

50ce896f88bc2c74b2cee1eaf1c02352.exe
Size

254KB
Sample

220918-zka21abga8
MD5

50ce896f88bc2c74b2cee1eaf1c02352
SHA1

d322c51010c1b747ff833aa054c45f42cbf0b15e
SHA256

87b3c14719911288aeee859ae75fc2e186ab5907435f80390ccba14440490bfc
SHA512

28ec8b5a0d2d64e5cb70f0d4ed0899eed475d63acb39a609849726a1678ece9e5cb1d1d1da6677ef3ddc1db156127ce2cb1aaaa90c685cd82d6fba58cd67b3ac
SSDEEP

6144:fjCOADm4mig5vszRFT+7oK2SgDmw2FU084cAOiJw:fjCpDm4mig5viRFTsp7cKw

Score

10^/10

nymaim

Malware Config

Extracted

Family

nymaim

C2

208.67.104.97

85.31.46.167

Targets

- Target
  
  50ce896f88bc2c74b2cee1eaf1c02352.exe
- Size
  
  254KB
- MD5
  
  50ce896f88bc2c74b2cee1eaf1c02352
- SHA1
  
  d322c51010c1b747ff833aa054c45f42cbf0b15e
- SHA256
  
  87b3c14719911288aeee859ae75fc2e186ab5907435f80390ccba14440490bfc
- SHA512
  
  28ec8b5a0d2d64e5cb70f0d4ed0899eed475d63acb39a609849726a1678ece9e5cb1d1d1da6677ef3ddc1db156127ce2cb1aaaa90c685cd82d6fba58cd67b3ac
- SSDEEP
  
  6144:fjCOADm4mig5vszRFT+7oK2SgDmw2FU084cAOiJw:fjCpDm4mig5viRFTsp7cKw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2