nymaim | 1e61952d15ff48cb75f4adc7bd941de3e28d55fcfe400711bd1663bd71fbf723 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

2.9MB
Sample

221106-y2n5hscfbq
MD5

d6cfa6052088e22954edacc2d188db11
SHA1

856e7d9e435d57f701d2cc92f131a0f7bab36ed7
SHA256

1e61952d15ff48cb75f4adc7bd941de3e28d55fcfe400711bd1663bd71fbf723
SHA512

34bf1963c75225148128e85b0badd51823e603beac2aec38a5f7162c3cfbcaebc83e9b94cd9132922bbb64194dbf66af0eaaad22c2da3bcacfede6db29935d7d
SSDEEP

49152:Z20Zf/9bX+aWsjlgr7B8w0HA86QbJUNPYQUaExiFw8xrCmezvrUuczbA5hq:MkHEOKrND0HAwmYaExL9vIzMDq

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220901-en

nymaim discovery trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  2.9MB
- MD5
  
  d6cfa6052088e22954edacc2d188db11
- SHA1
  
  856e7d9e435d57f701d2cc92f131a0f7bab36ed7
- SHA256
  
  1e61952d15ff48cb75f4adc7bd941de3e28d55fcfe400711bd1663bd71fbf723
- SHA512
  
  34bf1963c75225148128e85b0badd51823e603beac2aec38a5f7162c3cfbcaebc83e9b94cd9132922bbb64194dbf66af0eaaad22c2da3bcacfede6db29935d7d
- SSDEEP
  
  49152:Z20Zf/9bX+aWsjlgr7B8w0HA86QbJUNPYQUaExiFw8xrCmezvrUuczbA5hq:MkHEOKrND0HAwmYaExL9vIzMDq
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

nymaimdiscoverytrojan

© 2018-2025

Terms | Privacy