General

  • Target

    file.exe

  • Size

    2.2MB

  • Sample

    221130-zkbnjagc6v

  • MD5

    766cb114de5bf4cc43b1022be80a0cf1

  • SHA1

    b0bb1e500e52ed82bcdd6b4b8433db029344b4b7

  • SHA256

    5152974f52d2ec4842dceb465042cb901deb8181de3b9cad1ff3ed9d618bf54d

  • SHA512

    c220fd424c8ed1b03b4c24f551546eb755e4c31d1ded6260ecb8da93d1146b3bb992fb81f0414307cfb990564287a8bac15199d8d22e4072c1ac3d898fb6c638

  • SSDEEP

    49152:Qgu/5cyP8qNi5UI50O3YJy6t+4UT/ucGTyu8nAG5cyk:QD5cyP8t/3Yf2T/ucIyuiXcyk

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
