Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    1.2MB

  • Sample

    221123-mas4lsde84

  • MD5

    32dc0f2a2c5ffd11ddcb5b5eb52fe517

  • SHA1

    e86e8c8991c76f9e9bf8641c2a895ee9b81d5b0b

  • SHA256

    e8a873425241ff3d007fa36535996ad284d1a738854e9f6f2b3545c584272d1c

  • SHA512

    732319870ecf6ed49402c51667d812ae9b8effdf4b6ee3005c225d593316f645e99610de1464be67e00ae832f44f1cd1f7f8129157a5d66cb4a4d3dc3c931621

  • SSDEEP

    24576:9izTh3GQryX8E/1BZj4fe4rbOMHwIW6QIALgk8gZIY7eCLxYiE:WTh3rrddHOMHJW6pAL1bNeViE

Score
10/10
nymaimdiscoverytrojan

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • Size

      1.2MB

    • MD5

      32dc0f2a2c5ffd11ddcb5b5eb52fe517

    • SHA1

      e86e8c8991c76f9e9bf8641c2a895ee9b81d5b0b

    • SHA256

      e8a873425241ff3d007fa36535996ad284d1a738854e9f6f2b3545c584272d1c

    • SHA512

      732319870ecf6ed49402c51667d812ae9b8effdf4b6ee3005c225d593316f645e99610de1464be67e00ae832f44f1cd1f7f8129157a5d66cb4a4d3dc3c931621

    • SSDEEP

      24576:9izTh3GQryX8E/1BZj4fe4rbOMHwIW6QIALgk8gZIY7eCLxYiE:WTh3rrddHOMHJW6pAL1bNeViE

    Score
    10/10
    nymaimdiscoverytrojan

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

      trojannymaim

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks