General
-
Target
file.exe
-
Size
2.4MB
-
Sample
221120-17cd1sbc88
-
MD5
f8e577d2296c2b16fc4d7bbcea6a1601
-
SHA1
550191dbf0bc08940d07295da59188628eaee634
-
SHA256
e259bd68cd8d015df90beb8b77731595f468a936a7697064fff9d3e41b97a7d5
-
SHA512
568412faa0d3d0bf850f78facf2dd1c0adaf8e112ec9b700b702818c4a21823e3d727a4afad0de3e0b8100eab7ff5c574ae0ae8b3704799a328977732a61409d
-
SSDEEP
49152:q2BW9XRFDWRL+1W0ThoC3iDcTR8e6u4ODd2zofE2yHLsCNTPCUxVkBaFwnm:rBWhjD+yf3Mck0Dkzofry4CN+UxVkB0H
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-