General

  • Target

    a5980291d35ee92fec2260dd813693337ab7f96da46f5b23b6f8b372797d879e

  • Size

    299KB

  • Sample

    221025-e41rjsbeh8

  • MD5

    aad19e0296327cf38c8da1e5c5df4713

  • SHA1

    1d4810edd1d2ee7edc71a2e9ea0436839a0de45d

  • SHA256

    a5980291d35ee92fec2260dd813693337ab7f96da46f5b23b6f8b372797d879e

  • SHA512

    dc038d305c962b3cf9c32c907cb88338a1577102c97d6f64146212dd76313fbf421170098b756c2cbd3192af385cd9b81c74bee49877688d05eae444ed1e4254

  • SSDEEP

    6144:21l3Lfu/0cp12Rr0ao2ApzRVhUYYS9LghTrll:21Fa/0m12r0ao3R35Y2gh3ll

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      a5980291d35ee92fec2260dd813693337ab7f96da46f5b23b6f8b372797d879e

    Score
    10/10
    • NyMaim

      NyMaim is malware with various capabilities, written in C++ and first seen in 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
