General

  • Target

    file.exe

  • Size

    3.6MB

  • Sample

    221204-mkc55sed4y

  • MD5

    1c86792a77e8711a474305e3d9d7be5a

  • SHA1

    4126d1b9c4ad97c5289b09b0829fc570dbc57d4f

  • SHA256

    0f874145d569197d75d5bc1c7de7074823bc5c27b87ed33a27796387d4050a7e

  • SHA512

    426b1218bd6207719c71e50609444f4ed84ce2a172475b3facaa5e904292dfd6c57e6f4d3c47a3d2a7d8fbcb3b71d151411c0264cf097c808b77073ec93062ce

  • SSDEEP

    98304:gxdx+fj6IQnVZXzDdkvgs/0aXlRfcCk9Dd0X85qbkkXcyu:AdYeIQVZXzBkXMaXlRfbk9DKX85qbkkC

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
