General
Target: file.exe
Size: 2.2MB
Sample: 221120-pz7peaha6t
MD5: 6d5d308a97097a9d78e02aa37377927b
SHA1: 5097a29df6487be4a44fa286e77f7d5f89b2e032
SHA256: 7756e22a70289307ae01e0f165ea276d925d5c126713c02e6a36e7a87b243a2e
SHA512: 407e99fedf4a78074c7589512f192d8f05c2c1562feb0081c417deafbca6d098ac2cc1a3359e4c94c0fcac4dc09a0c6cc02f400171a7a7d706c8d5b7d75a756d
SSDEEP: 49152:q2+Ofgd0VShc+yTEXmS2zRB8gLA1jKX/iRrKEmpz2UxVkBaFwnm:r+NKh+yTom7zwlR2RSUxVkB04m
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target
file.exe
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-