nymaim | 320925457414c16200197f0bbd64f586f9ba46e8bb59b83e9c509b6cfc2c67e6 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

1.2MB
Sample

221123-qsyzcshg6y
MD5

f41ee7138424e1efdb3268aad9b65e31
SHA1

4c713d059c44f37faec689d3e4aff77e0511fee3
SHA256

320925457414c16200197f0bbd64f586f9ba46e8bb59b83e9c509b6cfc2c67e6
SHA512

953730879b283dc8ee76bcd48dd2de13a6ca6fbdf4a884b21fe7619140181624d8c4b72a75fb7ceb07351cb4f35fa465f0159289ce16cc7e1e44408959b2e47d
SSDEEP

24576:ViziCbxk5FZxMIpnmPbTPVFeh/Gyg/SvxVFsu5tCbJhxPSsf/EbkhgZIY7eCLxY/:+iCb2hmPbTTSGxSZVz4JhlSskhNeViY

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20221111-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

nymaim discovery trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  1.2MB
- MD5
  
  f41ee7138424e1efdb3268aad9b65e31
- SHA1
  
  4c713d059c44f37faec689d3e4aff77e0511fee3
- SHA256
  
  320925457414c16200197f0bbd64f586f9ba46e8bb59b83e9c509b6cfc2c67e6
- SHA512
  
  953730879b283dc8ee76bcd48dd2de13a6ca6fbdf4a884b21fe7619140181624d8c4b72a75fb7ceb07351cb4f35fa465f0159289ce16cc7e1e44408959b2e47d
- SSDEEP
  
  24576:ViziCbxk5FZxMIpnmPbTPVFeh/Gyg/SvxVFsu5tCbJhxPSsf/EbkhgZIY7eCLxY/:+iCb2hmPbTTSGxSZVz4JhlSskhNeViY
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

nymaimdiscoverytrojan

© 2018-2024

Terms | Privacy