General
-
Target
file.exe
-
Size
3.5MB
-
Sample
221203-p1r1caeh2z
-
MD5
d509720b66ec14b7d69a4d49be0f1b04
-
SHA1
ad479e271d43e6a8d8c196bbbc505b7b46ee2deb
-
SHA256
d2eb4d2563623062275e4ca9ea5056efcb67d888dedffcfa87c5295133a796c9
-
SHA512
dfb241d15f0f43b874fa0a90919ca700af8263888688854e9d7fb23fe255cda4a6f0944c2676dd4fa1902bffc12ea3b27906e2b8283be5c601ea3cfd66238e5c
-
SSDEEP
49152:MdPaq9hzpaGw4eSyLqV+cMKEjaLqlNFv0CiwnSKcyxRsHxsCs5A2FLe2y6eAG5cR:MocRw4et+rM3GLsXvMwnxsuVFytXcy6
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
file.exe
-
Size
3.5MB
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.