Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file
-
Size
1.5MB
-
Sample
221125-m6f4xsff5z
-
MD5
3ec8cc709e2c6c399995935a26b1424c
-
SHA1
e326e1dc24819ff6b2833452b38598c943c62197
-
SHA256
43918d8c4473265ec9b69efd8070a14e6732bafb4e7dd39f26213217c26e9796
-
SHA512
b59a4414d9bebffad20d4c0ecd2b19ab42a8734333826c9d0447003e2536f41baefcce8537719264c5c10ee88a36ff29fc0db2e6a02a03bdd914ec87678569bc
-
SSDEEP
24576:Bizcbc+fYNbvGln0RPYdctjmb+3G2UQeIFB+4Bz1U9vetEckQjj/jCsvdfaY6z7O:qkffYNjen0RMc9mSCi+4ZtV/3/2svdfj
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file
-
Size
1.5MB
-
MD5
3ec8cc709e2c6c399995935a26b1424c
-
SHA1
e326e1dc24819ff6b2833452b38598c943c62197
-
SHA256
43918d8c4473265ec9b69efd8070a14e6732bafb4e7dd39f26213217c26e9796
-
SHA512
b59a4414d9bebffad20d4c0ecd2b19ab42a8734333826c9d0447003e2536f41baefcce8537719264c5c10ee88a36ff29fc0db2e6a02a03bdd914ec87678569bc
-
SSDEEP
24576:Bizcbc+fYNbvGln0RPYdctjmb+3G2UQeIFB+4Bz1U9vetEckQjj/jCsvdfaY6z7O:qkffYNjen0RMc9mSCi+4ZtV/3/2svdfj
Score10/10-
NyMaim
NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-