General

  • Target

    file.exe

  • Size

    2.4MB

  • Sample

    221030-ek8caabdb2

  • MD5

    2280bb52cc5f23318fba594725c7a809

  • SHA1

    95d10b5b47d9c548f48c76168a6cadb78a4ba537

  • SHA256

    455386e0bea468ba720082097fa6b8f2067edc60dcb383bf4fe68fdcfa402d39

  • SHA512

    129ccee50e9d03503f0a6f2a63711ce399ba20e69adf42376041d9628ba59f9d348cc92b53de7c658e42ac05ce0d13d801c604a8844f29ec812f5e9720daa616

  • SSDEEP

    49152:Z27Vpy/8n8t8TytljjxQaJ3fk94p9uEXY2A5hq:M7VpGhtSyzjjxQkrEEXKDq

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • NyMaim

      NyMaim is a malware family with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate installed software.
