nymaim | d7ea8329f41a0c4eaf530acf74b808191c266ae8492204b13c2f0fc15522565a

Analysis

max time kernel
49s
max time network
148s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
30/10/2022, 22:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d7ea8329f41a0c4eaf530acf74b808191c266ae8492204b13c2f0fc15522565a.exe
Size

395KB
MD5

5d328919ae03891b021dfa06b7f17a54
SHA1

2aa584a7c35c2258f2742c8a17719d3e66a2d30a
SHA256

d7ea8329f41a0c4eaf530acf74b808191c266ae8492204b13c2f0fc15522565a
SHA512

652f8327dbfe2d414fa5493b8742760fee106ef556a69472bac380d77a71dba6d1e384fe5953b219bb953c6ec0c5108d34cde78b2ddae42cf3ed18793834ab16
SSDEEP

6144:vhaVXLvVLOGcDzcIyrxlu+RYK2feFLPaExhFS7ITsq:vha1zVLOGUaB2feFLSSq7

Score

10^/10

nymaim trojan

Malware Config

Extracted

Family

nymaim

45.139.105.171

85.31.46.167

Signatures

NyMaim
NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
trojan nymaim

Program crash 6 IoCs

pid	pid_target	Process	procid_target
4876	2364	WerFault.exe	65
3472	2364	WerFault.exe	65
4340	2364	WerFault.exe	65
4348	2364	WerFault.exe	65
4376	2364	WerFault.exe	65
1956	2364	WerFault.exe	65

C:\Users\Admin\AppData\Local\Temp\d7ea8329f41a0c4eaf530acf74b808191c266ae8492204b13c2f0fc15522565a.exe
"C:\Users\Admin\AppData\Local\Temp\d7ea8329f41a0c4eaf530acf74b808191c266ae8492204b13c2f0fc15522565a.exe"
1⤵
PID:2364
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2364 -s 520
  2⤵
  - Program crash
  PID:4876
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2364 -s 732
  2⤵
  - Program crash
  PID:3472
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2364 -s 824
  2⤵
  - Program crash
  PID:4340
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2364 -s 836
  2⤵
  - Program crash
  PID:4348
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2364 -s 800
  2⤵
  - Program crash
  PID:4376
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2364 -s 976
  2⤵
  - Program crash
  PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2364-120-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-121-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-122-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-123-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-124-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-125-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-126-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-127-0x0000000002D01000-0x0000000002D28000-memory.dmp

Filesize
156KB

Download
memory/2364-128-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-129-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-130-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-131-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-132-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-133-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-134-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-135-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-136-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-137-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-138-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-139-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-141-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-140-0x0000000002C60000-0x0000000002D0E000-memory.dmp

Filesize
696KB

Download
memory/2364-142-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-144-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-145-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-143-0x00000000048A0000-0x00000000048E0000-memory.dmp

Filesize
256KB

Download
memory/2364-146-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-147-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-148-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-149-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-150-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-151-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-152-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-153-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-154-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-155-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-156-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-157-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-158-0x0000000000400000-0x0000000002C51000-memory.dmp

Filesize
40.3MB

Download
memory/2364-159-0x0000000002C60000-0x0000000002D0E000-memory.dmp

Filesize
696KB

Download
memory/2364-160-0x00000000048A0000-0x00000000048E0000-memory.dmp

Filesize
256KB

Download
memory/2364-161-0x0000000000400000-0x0000000002C51000-memory.dmp

Filesize
40.3MB

Download
memory/2364-162-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-163-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-164-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-165-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-166-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-167-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-168-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-169-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-170-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-171-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download
memory/2364-172-0x0000000077D40000-0x0000000077ECE000-memory.dmp

Filesize
1.6MB

Download

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads