General
Target: file.exe
Size: 2.2MB
Sample: 221130-ygzqhshh75
MD5: 123f79577632ae3c0652c501f79f1b0d
SHA1: cb72645e7e86bf1a2b6bb468ec5838561ddd4b23
SHA256: 512905a4eba1e84301c0bc842bc18644ab3aa1dadc71ec08e0ebe02ae2c31970
SHA512: f02cac2ec1185db3c36ce30a00f2745e2d0927d9dbb7da483c6c3b573369f03ac96c07adc166e2bd67da0dbe7654b4c6df88d6dc0b33db6a0846903915f0ca37
SSDEEP: 49152:4JPC3kCj9fvuW6J35wuTBp+fH3Dif7pwyqRg6VAG5cyT:4c3d5f2B35NpUQUg6VXcyT
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-