General
Target: file.exe
Size: 3.4MB
Sample: 221204-jmqx8sdf8s
MD5: cb1e919aaa4a34f22f05648d4958fd33
SHA1: 843552ffec560600f936d89e4644fd4765c368c8
SHA256: ad5f860da1b29a57efbaa6ea16dffd5d4212cb4055ead909f97a7f66f0fcc7a2
SHA512: c229128f489f015a11ba02e44933852456e043b0d1ec77cb6588cf9339012df66409c81c4f878bd22fb660bc5e2927c7631c842fe64d70f16791fca063d64dcb
SSDEEP: 49152:8RJP89c/VvvHVG0KWMkPrLCRBEhlzYn0Gs1oGonLs4sV/WpJBrTWcPuwoV4JSSMU:8RWSv/ElknaBMwZL0VOpn/Z2J5ZrXcym
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target
file.exe
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.