General

  • Target

    file.exe

  • Size

    3.4MB

  • Sample

    221204-m443zacd88

  • MD5

    6c459077a48b7b9977d19371e7261f8b

  • SHA1

    826709b270955091fed8214d83381ca2e6cdcf87

  • SHA256

    84638bce22e61e495f436e9ddb9e0c6e1b784f8d1e785f48898df60b6796bc02

  • SHA512

    d5c8d40c410e70ae5da77a85bf1ede1844a388dff313b4833cfc515ac89021c50bc4d21097571ccc37b144af199cb703dd77d16d33148ed53d803e5c8991d459

  • SSDEEP

    98304:QYimxKzUlgrFxzbQ9tE1yH0tsrvFWXcyx:+mQzegjnctGOz8Xcyx

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • Size

      3.4MB

    • MD5

      6c459077a48b7b9977d19371e7261f8b

    • SHA1

      826709b270955091fed8214d83381ca2e6cdcf87

    • SHA256

      84638bce22e61e495f436e9ddb9e0c6e1b784f8d1e785f48898df60b6796bc02

    • SHA512

      d5c8d40c410e70ae5da77a85bf1ede1844a388dff313b4833cfc515ac89021c50bc4d21097571ccc37b144af199cb703dd77d16d33148ed53d803e5c8991d459

    • SSDEEP

      98304:QYimxKzUlgrFxzbQ9tE1yH0tsrvFWXcyx:+mQzegjnctGOz8Xcyx

    Score
    10/10
    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks