General
-
Target
file.exe
-
Size
2.4MB
-
Sample
221120-k8f6laag4z
-
MD5
8cc79e1ec7dca80e7acba18d53bc2827
-
SHA1
bd3aa938d90b403cf61c48278ddf04dc4e31d2e9
-
SHA256
a4c4bbcb3cc060cf6439e5d101ac8933992de20337b65184f9f72f16e28648d3
-
SHA512
155506868ac72912e187011f2d68b38f060f41701913e7540c44eba1f3839867457f2bf5e82c318ea566a65c44830c0a9ce457e34184fe2375058b8b62786056
-
SSDEEP
49152:q2GWP0oK1eyZWlSJoD+NRIKeYClhAQFoU70d9K51Wxx49UxVkBaFwnm:rGWqLIaF5NC7AQFd6K52xMUxVkB04m
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-