nymaim | 1d3c373c6c13ef2cb5759cd5f136b809d69bcd241f7a9dc035984078960efdeb | Triage

Sharing

General

Target

tmp
Size

312KB
Sample

221025-m11ldacdg5
MD5

cd5f94ff8af11553bfd4cb5aed55c38b
SHA1

66bde5a6114c4185dab033138436f2ef5ed108f6
SHA256

1d3c373c6c13ef2cb5759cd5f136b809d69bcd241f7a9dc035984078960efdeb
SHA512

c319804a38a3577ac5e148436a4a3cc0bba747ce6720b4235287a55d47f8405a9709fd0c2e8588cf0be0335b28e4d11e097bb537639af2ee5d15c77cef39c6ef
SSDEEP

6144:MdQoLdmeeE7sCM7Oh5bZpXmxaY3bMRgjHAqGOgrV:MdVxme17snOhdHXlmbMyjHuv

Score

10^/10

nymaim trojan

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  tmp
- Size
  
  312KB
- MD5
  
  cd5f94ff8af11553bfd4cb5aed55c38b
- SHA1
  
  66bde5a6114c4185dab033138436f2ef5ed108f6
- SHA256
  
  1d3c373c6c13ef2cb5759cd5f136b809d69bcd241f7a9dc035984078960efdeb
- SHA512
  
  c319804a38a3577ac5e148436a4a3cc0bba747ce6720b4235287a55d47f8405a9709fd0c2e8588cf0be0335b28e4d11e097bb537639af2ee5d15c77cef39c6ef
- SSDEEP
  
  6144:MdQoLdmeeE7sCM7Oh5bZpXmxaY3bMRgjHAqGOgrV:MdVxme17snOhdHXlmbMyjHuv
Score

10^/10

nymaim trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2