General
-
Target
file.exe
-
Size
2.2MB
-
Sample
221120-3sab8afb7s
-
MD5
7488db8c0af90ee27e019e07dcd57bc7
-
SHA1
64a975a8c33e12b0c4ba600e903bdd5a88a31683
-
SHA256
b2f69ab142b199103e38893c60e805850ccd9e9a89fd11104b95a03a1e6e11aa
-
SHA512
80a54afcb57dc39b2bdfa4af1d5bf52dd2fcbefdfb553cfa260f992e40c84262107cc96102ab654585e13c764c49ce82d87f1fb431653d5fe825ad107597f3ba
-
SSDEEP
49152:q2vxEtFq4pKry+St2lTkVrJRFrsYKqUdRWN4fTfUxVkBaFwnm:rvxCSzS4pkVrGqARU4LUxVkB04m
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-