General

  • Target

    file.exe

  • Size

    2.2MB

  • Sample

    221130-xzdqbsgc33

  • MD5

    a09cd9c19f7d39da244ac825c90ac180

  • SHA1

    f5d849898a343798b0623ff13d096e956a0a1421

  • SHA256

    78a9d3fc45796299c1ea2517629159e6db3cf3baea91e80dfffdb688b5bd772b

  • SHA512

    dbcd3cb54d4c566942fae6db66b5a9cb21d7b84f1eb7d35352ce94f77cfe30d404d9015a8790e5bfb0d97a759511e1c73808d04ff21db469d2bdfa9584b690fb

  • SSDEEP

    49152:4nfod2qgtgqbm9BYRInqba009Ms1dzcfG42duxn5PI76AG5cy9:4ng2hYSteTMseGJu15PY6Xcy9

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
