Extracted

• • Target

    file.exe

  • Size

    1.3MB

  • MD5

    e9c404f0f0851e0a18d4a46601dee51e

  • SHA1

    7fa9bea1c68da15ddd548f65c0558c3cabc16f56

  • SHA256

    ad9f4083baed608e0927c915b18b9577e7baf7e3a38782def370a50e7f929860

  • SHA512

    c564d001f2a0aa327cf3ca5ef9a7f4b2423eb4fd2b415d50ad10b7c52e17326b4390e971e43fb2ef5989a8e0ce35096b346366955bb5390739c431efa7f1fa37

  • SSDEEP

    24576:tiz5uzgaiubgYwc1iU3OPlmHV3YNQ39yOo4clYtROu7JuOtgZIY7eCLxYiy:G5uzgWHlOP+OygvyXnk1NeViy

  Score

  10^/10

  nymaimdiscoverytrojan

  • NyMaim

    NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    trojannymaim

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2