General

  • Target

    file.exe

  • Size

    3.6MB

  • Sample

    221203-yr4r8abb26

  • MD5

    061bf2b99ee9fe86da2f79ddf513957b

  • SHA1

    d68c880edf54c1ac30db2cca508ca1abf092e12c

  • SHA256

    5242b4344cfffddfceb99a48059caf30a2601038516aeb31f59b672d38455460

  • SHA512

    12c1e9f3fbaeb1904faadf9307788030a10397a130615ba196eeafeaac6a189bc6e34fae58f9b1a43b92e6458ec703b1df80a9ad40d70b23be1e34d40dcc29f4

  • SSDEEP

    98304:MeYgrTCv90Q1oQ96n+XmFzhULol3FU8yXnz7YraXcyZ:7rw0SoQ8+XmFzh+ol3FX4nIraXcyZ

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • NyMaim

      NyMaim is malware with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
