General

  • Target

    file

  • Size

    2.3MB

  • Sample

    221026-gj1xxsehak

  • MD5

    7988c4050692ba18f17e23f4334700fa

  • SHA1

    7ec5730cbe1534c0b83c99415e72206543698209

  • SHA256

    282d83b8ec7e69b060e78958eacf054b85747076fde5c0bddcfa0f380accdccf

  • SHA512

    00de2e3d22e4bd08da0e459e74489cd88540eae4e3f5a66c5d1370c74fa51b6dea24ee032d2bd3b276baf5a29cd05120b4ac8bdcbd0f31120952ceb98ef9153b

  • SSDEEP

    49152:Z2EEOSBytjabGuE89/PPzgmlFO5JdQHJ2ARWg85A5hq:MzmaI89/PkmlI5wHXWgDq

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file

    • Size

      2.3MB

    • MD5

      7988c4050692ba18f17e23f4334700fa

    • SHA1

      7ec5730cbe1534c0b83c99415e72206543698209

    • SHA256

      282d83b8ec7e69b060e78958eacf054b85747076fde5c0bddcfa0f380accdccf

    • SHA512

      00de2e3d22e4bd08da0e459e74489cd88540eae4e3f5a66c5d1370c74fa51b6dea24ee032d2bd3b276baf5a29cd05120b4ac8bdcbd0f31120952ceb98ef9153b

    • SSDEEP

      49152:Z2EEOSBytjabGuE89/PPzgmlFO5JdQHJ2ARWg85A5hq:MzmaI89/PkmlI5wHXWgDq

    Score
    10/10
    • NyMaim

      NyMaim is a malware family written in C++, first seen in 2013, with various capabilities (it is commonly used as a downloader/dropper for further payloads).

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (refusing to run in certain countries).

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
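    The behaviour tags above and the C2 addresses listed under Malware Config are only useful if they can be turned into checks. The following Python is an added example (not part of the sandbox report or of the sandbox's own signature logic) that does three things: derives the two registry-based behaviour tags from sandbox-style registry events, matches the report's C2 addresses against Zeek-style conn.log lines, and compares a file's SHA256 against the sample's. The registry key paths, the event tuple format and all log lines are assumptions constructed for illustration; the only values taken from the report are the two C2 IPs and the SHA256.

```python
"""Behaviour-tag and IOC matching over constructed sandbox-style events.

Added example, not part of the report. Only C2_IPS and SAMPLE_SHA256 come
from the report; every key path, event and log line below is constructed.
"""
import hashlib
import ipaddress
import re

# Indicators taken from the report.
C2_IPS = {"45.139.105.171", "85.31.46.167"}
SAMPLE_SHA256 = "282d83b8ec7e69b060e78958eacf054b85747076fde5c0bddcfa0f380accdccf"

# Assumed registry paths behind the two behaviour tags. The report only says
# "country code" and "Uninstall key entries"; these are the usual locations.
GEO_NATION_RE = re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I)
UNINSTALL_RE = re.compile(
    r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    re.I,
)


def tag_registry_events(events):
    """events: iterable of (api_name, key_path). Returns the set of behaviour tags."""
    tags = set()
    for api, key in events:
        op = api.lower()
        if op.startswith("regqueryvalue") and GEO_NATION_RE.search(key):
            tags.add("checks_computer_location_settings")
        if op.startswith(("regopenkey", "regenumkey", "regqueryvalue")) and UNINSTALL_RE.search(key):
            tags.add("checks_installed_software")
    return tags


def c2_hits(conn_lines):
    """Zeek conn.log field order assumed: ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto.

    Returns [(src, dst, dst_port)] for every flow whose responder is a known C2.
    """
    hits = []
    for line in conn_lines:
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        dst = fields[4]
        try:
            ipaddress.ip_address(dst)  # skip malformed/DNS-name responders
        except ValueError:
            continue
        if dst in C2_IPS:
            hits.append((fields[2], dst, int(fields[5])))
    return hits


def matches_sample(data: bytes) -> bool:
    """True if the given file content hashes to the report's SHA256."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_SHA256


# Constructed inputs (not real sandbox output).
REG_EVENTS = [
    ("RegOpenKeyExW", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer"),
    ("RegQueryValueExW", r"HKCU\Control Panel\International\Geo\Nation"),
    ("RegEnumKeyExW", r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
]
CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1666800000.1\tCabc1\t10.0.0.5\t49712\t45.139.105.171\t80\ttcp",
    "1666800001.2\tCabc2\t10.0.0.5\t49713\t203.0.113.10\t443\ttcp",
    "1666800002.3\tCabc3\t10.0.0.5\t49714\t85.31.46.167\t443\ttcp",
]

if __name__ == "__main__":
    print(sorted(tag_registry_events(REG_EVENTS)))
    print(c2_hits(CONN_LOG))
    print(matches_sample(b"not the sample"))
```

    The registry matcher keys on the API name as well as the path so that a mere RegOpenKey on the Geo\Nation key is not counted as a location check; the C2 matcher validates the responder field as an IP before comparing, so DNS-name responders or truncated lines are skipped rather than raising.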

MITRE ATT&CK Enterprise v6

Tasks