Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    file.exe

  • Size

    2.2MB

  • Sample

    221130-3hqw8aee99

  • MD5

    691997b3c6129ff2dba13300f8f6e2c0

  • SHA1

    bdc28d73205b1121b4a25e19b246fe8cb928cc84

  • SHA256

    b248366303d84a892d54d2a3bfcf5a4642c20be9b00bf6402336c295ac18f025

  • SHA512

    38bf8fa7777fd988836ee95559c0453f2412a5508c248d73d6cf17dc705005dd8dd7d85c815bffea733a8844aa514d472b851409da6db148f526c35a7851ff85

  • SSDEEP

    49152:UPAUk702BOllI/o8m1knFJoD981SnplY0K9mc4M89pVQrD6BRxM6FWYEAG5cyS:UPAUk70/lI0kERLY03pV57VF6XcyS

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • Size

      2.2MB

    • MD5

      691997b3c6129ff2dba13300f8f6e2c0

    • SHA1

      bdc28d73205b1121b4a25e19b246fe8cb928cc84

    • SHA256

      b248366303d84a892d54d2a3bfcf5a4642c20be9b00bf6402336c295ac18f025

    • SHA512

      38bf8fa7777fd988836ee95559c0453f2412a5508c248d73d6cf17dc705005dd8dd7d85c815bffea733a8844aa514d472b851409da6db148f526c35a7851ff85

    • SSDEEP

      49152:UPAUk702BOllI/o8m1knFJoD981SnplY0K9mc4M89pVQrD6BRxM6FWYEAG5cyS:UPAUk70/lI0kERLY03pV57VF6XcyS

    Score
    10/10
    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks