General

  • Target

    file.exe

  • Size

    2.2MB

  • Sample

    221130-2pzx2aca48

  • MD5

    2930a212be9ba8e4d625b6275bdde32c

  • SHA1

    74a71595c827609debad3e4db7621672c35d7aa8

  • SHA256

    9fe8686f08f78beba79d579b27102f412fd9d60c7fc5e0785fbaace055467c87

  • SHA512

    214db877aadee84029317578d9c9fc5a5f28ae6a5f209b1091d2d179d684cfb618f32b844ec8e0f4afda17789aa67d2c5014b8ea1ae3c12c23f5f9098be1c89e

  • SSDEEP

    49152:chUP/bfgnl6XAPmECz5RRSaBcAp2p17tukh0KA6z6nAG5cyU:cCjgnlkW25JBdC17tukmXcyU

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
