General

  • Target

    913b9c46bf9bff46c541ab896b7647362fc812f039c09fa6c9bd5cc8248b47eb

  • Size

    389KB

  • Sample

    221101-mljpbabhak

  • MD5

    eae24b434e696ebed84c7389a92e986f

  • SHA1

    5064a24893dd6f0813ae1b5cc715a6ab85919481

  • SHA256

    913b9c46bf9bff46c541ab896b7647362fc812f039c09fa6c9bd5cc8248b47eb

  • SHA512

    1ccc6379dcf0cc0646ed5374b9846f448dfa33ba838da7d9a33469fcfe18f8e986cd3111d6d9714a7f5ff14625cd26cd7b55354a77c1a6675fb28c0091e66644

  • SSDEEP

    6144:9wsS/y15JFSmpLF/uppLnXPUrbHOR7ITsq:9wsky15JxJFmnX6DOR7

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      913b9c46bf9bff46c541ab896b7647362fc812f039c09fa6c9bd5cc8248b47eb

    • Size

      389KB

    • MD5

      eae24b434e696ebed84c7389a92e986f

    • SHA1

      5064a24893dd6f0813ae1b5cc715a6ab85919481

    • SHA256

      913b9c46bf9bff46c541ab896b7647362fc812f039c09fa6c9bd5cc8248b47eb

    • SHA512

      1ccc6379dcf0cc0646ed5374b9846f448dfa33ba838da7d9a33469fcfe18f8e986cd3111d6d9714a7f5ff14625cd26cd7b55354a77c1a6675fb28c0091e66644

    • SSDEEP

      6144:9wsS/y15JFSmpLF/uppLnXPUrbHOR7ITsq:9wsky15JxJFmnX6DOR7

    Score
    10/10
    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v6

Tasks