General
- Target: file.exe
- Size: 3.6MB
- Sample: 221203-ndpe9see25
- MD5: 9e2fdccc0daf2e786e7a10b4911d06ca
- SHA1: 74de799bebf140c6850c4b4f317e0f8e9357eaa7
- SHA256: 397ddb85fd35b89be41c94cd590a273836d56dd5ed6728fd32c30097f94d6435
- SHA512: 8ac083a265eccb2a53ab068ca463caa1ba18625afcb3c00326cfb9f1c20d7c4351a6bfc591414dccd9041a933b7f372f6b8ec26bba826bfda276c2635927e1e7
- SSDEEP: 98304:4JXfW4K3rLPUMrbly7x8bgfLNiZzew8SkMgaNz/BEH23tWXcyf:cfBK7LPrPEQgf0VtrLBe6WXcyf
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
- Target: file.exe
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.