General
-
Target
file.exe
-
Size
2.2MB
-
Sample
221120-2qhp5sbd47
-
MD5
8cf9eaa7921709e1078efc9a518dee4d
-
SHA1
8ac4ca8c3aa512990e4ad7553c671f64107c9666
-
SHA256
f16450dfd119db8053036893b28cbcd5a09b1734485b98432bd9b04ca562eee9
-
SHA512
169d2bb4d66282ecfdb96fbe28d7769f851e401d661fb03e3a1d6aee3e93b5a8986f245ea34ab95c052f436903e3e06f4357caf642eab545a6dca8e4e2845d44
-
SSDEEP
49152:q2XDVmT+CvbbnSGtcc4Z5LC5m2127bysU/liwgfvm11UxVkBaFwnm:rc+gbXm5LC5Z1qbysUVumvUxVkB04m
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Size
2.2MB
-
MD5
8cf9eaa7921709e1078efc9a518dee4d
-
SHA1
8ac4ca8c3aa512990e4ad7553c671f64107c9666
-
SHA256
f16450dfd119db8053036893b28cbcd5a09b1734485b98432bd9b04ca562eee9
-
SHA512
169d2bb4d66282ecfdb96fbe28d7769f851e401d661fb03e3a1d6aee3e93b5a8986f245ea34ab95c052f436903e3e06f4357caf642eab545a6dca8e4e2845d44
-
SSDEEP
49152:q2XDVmT+CvbbnSGtcc4Z5LC5m2127bysU/liwgfvm11UxVkBaFwnm:rc+gbXm5LC5Z1qbysUVumvUxVkB04m
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-