General

  • Target

    d9ad071b8a1580636fad78a01aced6efb029870af5a57167c7744247c8a1aa08_write_back

  • Size

    251KB

  • Sample

    221118-t4lpysdg6v

  • MD5

    e7b30f5fcf633e27d751043e734fb140

  • SHA1

    5b5ed454f94a72867778513ef16cbc61bbfc5cd9

  • SHA256

    9bd0abea543f774e5ca1870ab9a62772b41f240b409442d0c301cf9c612dfe94

  • SHA512

    597caa6a82aea65412594a99189353d59f10fabf9c9bd6f22421324b2a913d692c8f69a00565228be2387b74a9c54324f9b504cff1a3029f36d5c0a281b203b9

  • SSDEEP

    6144:gh5ghAKGMjmBZ+es0zjRThcSSlIvY50dV6wKqwAOkeOZe:gh5HcjmBZ+edzjRTW/umyZe

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      d9ad071b8a1580636fad78a01aced6efb029870af5a57167c7744247c8a1aa08_write_back

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
