General
Target: file.exe
Size: 2.1MB
Sample: 221118-qsyzcshd79
MD5: d3c7feec9ec9d7ff5294f969f7f96aba
SHA1: 9aa4a82f8df241e1b36a00411973ef7dc28fd02d
SHA256: 6161db35967129634349a86fb1f01d97423fb547be26913db5a14b3bbed18da9
SHA512: e547490147bb8e4b2e3d536192d707c7b0276cc1d0d29b886d5c26957c89d497254c2a40743d667372c6e1fdbfa8a9c73da89299516c0e60aaf71db576d9202a
SSDEEP: 49152:q2vTZmRmbcpAbrM+331kpv2GmstW3QCNLgE90yHfRx7Pq2:r1mRruVpGVnCN081PD
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.