General
Target: file.exe
Size: 2.4MB
Sample: 221120-q34btsah21
MD5: 9a7834ffc1237c246a332b351aac26fd
SHA1: 89fdcc1e2f2cfd56d71a7c456cfdd83bdd03ca7e
SHA256: c82857f6b8e8ad8b0434997f784432a68fe7a3465215a48cc07573549d51484f
SHA512: 5070735d137e3f0c652081b6c5f1378f1bb6e00eb592653bbbdd3a1ee24684bec9aeb497c84da141a7834041e967c185e3e1be1bfdcf543c17d744f1726e5705
SSDEEP: 49152:q2B3iwnD68Kdcd+hXVJSqsgJEWTarEeuteBOACC02B0qBcX9je8JLUxVkBaFwnm:rBxD+dC+hzSq5/arNuM0e0FF7UxVkB0H
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.