General
-
Target
d9ad071b8a1580636fad78a01aced6efb029870af5a57167c7744247c8a1aa08_write_back
-
Size
251KB
-
Sample
221118-t4lpysdg6v
-
MD5
e7b30f5fcf633e27d751043e734fb140
-
SHA1
5b5ed454f94a72867778513ef16cbc61bbfc5cd9
-
SHA256
9bd0abea543f774e5ca1870ab9a62772b41f240b409442d0c301cf9c612dfe94
-
SHA512
597caa6a82aea65412594a99189353d59f10fabf9c9bd6f22421324b2a913d692c8f69a00565228be2387b74a9c54324f9b504cff1a3029f36d5c0a281b203b9
-
SSDEEP
6144:gh5ghAKGMjmBZ+es0zjRThcSSlIvY50dV6wKqwAOkeOZe:gh5HcjmBZ+edzjRTW/umyZe
Behavioral task
behavioral1
Sample
d9ad071b8a1580636fad78a01aced6efb029870af5a57167c7744247c8a1aa08_write_back.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d9ad071b8a1580636fad78a01aced6efb029870af5a57167c7744247c8a1aa08_write_back.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
d9ad071b8a1580636fad78a01aced6efb029870af5a57167c7744247c8a1aa08_write_back
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-