General

  • Target

    file.exe

  • Size

    2.0MB

  • Sample

    221130-z4gznafb84

  • MD5

    dfd11da0c0b39e7980c7e9df1e14cfe8

  • SHA1

    09e0e24bcf2ed8b4f66b4621296acc3014e57ab8

  • SHA256

    7101f882de9d4e9591e66f491344ef555f2c2ef7f207546cbb48d899902428d7

  • SHA512

    0038afb44e5d2a701f0952c0d77d1e43bde06f12de72a07c775500034402d462c0911d53f21e11aec6cafd8121a37b2ff9cba27392e27505d13dbf57f024f370

  • SSDEEP

    49152:8C+W49LAUlwnK/W0FYx0WGiHBznvspPDrti57lJJAG5cyi:8dW+KnK+0nWGUVSrtgtXcyi

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • Size

      2.0MB

    Score
    10/10
    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
