General
-
Target
file.exe
-
Size
2.1MB
-
Sample
221201-aayb4sbf9z
-
MD5
da2100496a833c47e2d6e84e724e85dd
-
SHA1
3d64802e7cc72f032a68848808b6439f979505c1
-
SHA256
d1db6c96b89f0c587a9b170b56b1244e6afdf1a13cae98e80498d5fa6df05678
-
SHA512
e0554e98006c52b4df95caab18aeffa306426b2b91c2e304f1ff0ac95a86c0cba271780144323dfeea81cee712c28e44cb8dccf9f8764edaa07fbf644b17720b
-
SSDEEP
49152:spGKNFstFOEjCe3OrGo/PgdRYTXzf3UYwnyAhAp8HIs3S0GyuBpCwHsAG5cyM:sdFsrZ+r34AXzf3lAhRo7yuBptHsXcyM
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-