Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e811f15e7b0d6394b97e2cfee6b2d050f1c8f2e7c968c91798e17db11b21aed4

  • Size

    299KB

  • Sample

    221031-g2pmlsbbam

  • MD5

    9a81f3fe052ec842427ec0092372688c

  • SHA1

    65c51821c6767649c4cb5379cea38d7e8557f45b

  • SHA256

    e811f15e7b0d6394b97e2cfee6b2d050f1c8f2e7c968c91798e17db11b21aed4

  • SHA512

    b9e40cc9e1bfc4c4ebf066f286c329385e6068fe89b33d8c4be0b8d7c5329512d1cdc60ba7532b4c74080e7e7d4f0e4d9d069b0a88760b78775a257abc662083

  • SSDEEP

    6144:zp8TcsY8OLjOobgfjryWziYbo+jMpVfsKG4WtI12OsSoonTTOIib4:zp6tOvOobyjnisHMrfFWa12bSvvY4

Score
10/10
nymaimtrojan

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      e811f15e7b0d6394b97e2cfee6b2d050f1c8f2e7c968c91798e17db11b21aed4

    • Size

      299KB

    • MD5

      9a81f3fe052ec842427ec0092372688c

    • SHA1

      65c51821c6767649c4cb5379cea38d7e8557f45b

    • SHA256

      e811f15e7b0d6394b97e2cfee6b2d050f1c8f2e7c968c91798e17db11b21aed4

    • SHA512

      b9e40cc9e1bfc4c4ebf066f286c329385e6068fe89b33d8c4be0b8d7c5329512d1cdc60ba7532b4c74080e7e7d4f0e4d9d069b0a88760b78775a257abc662083

    • SSDEEP

      6144:zp8TcsY8OLjOobgfjryWziYbo+jMpVfsKG4WtI12OsSoonTTOIib4:zp6tOvOobyjnisHMrfFWa12bSvvY4

    Score
    10/10
    nymaimtrojan

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

      trojannymaim

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks