General
Target: file.exe
Size: 1.9MB
Sample: 221118-q3h1wshe23
MD5: 0a774d7c64a51e2234f7436fe4056bbd
SHA1: 54d4364d6ce9e8710d45556b71656952ffbd0504
SHA256: c9363a4f693b55889075ea84a2cabd510d2d55ade0f4fb0684ff6de50fd2388f
SHA512: 8f6e8f7f19d6431c8d5f400bd8e160603661e78900893bac9b9f67c8bc7bb599bd3028dc6fe956d877a9e9a7511f2ef7c8f9ec26ed2088492da06cb29768fd8f
SSDEEP: 49152:q2i7k8zPxeE5esShYdsR+BWwWQ4mfJ+HF64Nan4oZVyHfRx7Pq2:ri7tEE5es4a5Wx++khSPD
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-