General

  • Target

    file.exe

  • Size

    3.4MB

  • Sample

    221203-qthnrshd31

  • MD5

    235ce52421ee8e3899ab286b2c688cbc

  • SHA1

    1676ec85a8c650e2add831866ec4450bcab6b18e

  • SHA256

    80e422d64b4dbc2588ea72dd8d0efe831e54c3cb808ba7974c5c970a54f6cff3

  • SHA512

    76ad66eeeeb245ba6fb6b32284357c80a84745f11911e8952fa87b8e387af8d69496fcccde14c7e0a23892e42ccafa6a3a2a2a1289de31b69e5d07940aaf125d

  • SSDEEP

    49152:wTAmeme7z1GfSmBHYJ3CtiUx9pjLYNKgmWQ6qxx4BWoO9taY+Jk1jVAG5cyN:wTAm/e7z1S9lYLWQqWQ6qUBqyknXcyN

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    Score
    10/10

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
