General
-
Target
8e4d60fbedd0fda50ffe79d2ad1831790d0258d2d421acb942100e40d2ae0253.exe
-
Size
3.4MB
-
Sample
221204-n8lymabg3w
-
MD5
3c4f62e575eee7954b28d9195a1867b4
-
SHA1
74fe05ba5b7767e2df691cd5d8a8528cc860e724
-
SHA256
8e4d60fbedd0fda50ffe79d2ad1831790d0258d2d421acb942100e40d2ae0253
-
SHA512
ed52afab1bde2fb7f4a59578e1a35ce56ad69a36cddb7c9eaad78a7aa1f9da563037252c507da711398e06e0bf6736401a833bc2b0f2a25c7bd2d4f7cefedd3f
-
SSDEEP
98304:IX3/na2FU1sDpkVZwEUtBmuJsWTftRozfJ2PAEqSldBv/yFXcy5:4fDcsDuwqRdU9qikFXcy5
Static task
static1
Behavioral task
behavioral1
Sample
8e4d60fbedd0fda50ffe79d2ad1831790d0258d2d421acb942100e40d2ae0253.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
8e4d60fbedd0fda50ffe79d2ad1831790d0258d2d421acb942100e40d2ae0253.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-