General
Target: file.exe
Size: 2.2MB
Sample: 221120-rcnzwsfe92
MD5: 1756c2d93e31bdb9427d60f43cc3c946
SHA1: 30edb994b1806258b7fd76628505ec87a9cbbe7d
SHA256: 6e4906988a883ef5d80cec4abfe043de3adbdeab626028f4a062731e7defed31
SHA512: 3a14382e21d6eff066e4732d7b367364e7858428eb1b566885e1d37d44ceac5fbb392391f6e25fdc3264293f91ffebab6bab92f24e2857188eda89c9d95ec301
SSDEEP: 49152:q2+0zVIhaedtMdl1hWICsxiQkSbqP+eMw5VtygdsFfgu9rUxVkBaFwnm:r+0z/f1o5Q/VqGejbcguFP9rUxVkB04m
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.