General

  • Target

    file

  • Size

    275KB

  • Sample

    221006-1y111sbbdn

  • MD5

    cea36ce627059fd44bdb3dee912aeb82

  • SHA1

    2fa283a3306632cb2bc11e0d1989d6751427a2ce

  • SHA256

    0530372432e62bebb038982eb37cf5934d3a892048fa42139010937406a080cc

  • SHA512

    7ae838b5f85b5a4fcbc4a585a0274e250afc43d8a328fdffcf0cbaa6acbe37586545b869260b94dc6b30ccc5d8792d1849bcd31628e9f28dee9ce2268e943099

  • SSDEEP

    6144:fGLLyuJxnciM67mbPoKieMnQW/e20NSUPw6ff:fGLG0aibcPFzAl/e2kSUPv

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

208.67.104.97

85.31.46.167

Targets

    • Target

      file

    • NyMaim

      NyMaim is malware with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL
