General
Target: file.exe
Size: 2.4MB
Sample: 221120-1dletsfa4x
MD5: bef4bce2a2d28fca8718566075d3c6f4
SHA1: 5a0740a3b93021ae82a9d83a12d2a9f9dd665fff
SHA256: 00c896fd0a63c29c4c2fbb2962eed2de004640ee66c65b495caf6cad9d66f192
SHA512: a40de97add56b744929c51a1fae1f4ac191fcd6ef0d899aa829c69f85db5daa028ea61c695f6ee360be3a208d99b5b0fa870b3c8d8f77d7f6d240cf3f81091c1
SSDEEP: 49152:q2r7E8nO6Ndonf1VjcCqIeZMqt88jWzcx49R9qrz7VkRsOUxVkBaFwnm:rDJzC1Vjc/TmLVRY7KdUxVkB04m
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.