General
-
Target
914309fde7871041da22c8fd076e77ff95ee3f90633e720644273d890dfdc086.exe
-
Size
3.4MB
-
Sample
221204-nwwmaseh73
-
MD5
2cd0c08c4ae3a9d0b9a0479f54bb7866
-
SHA1
e063d6de5d46dfb6d8d90f17d252a2540d53b20d
-
SHA256
914309fde7871041da22c8fd076e77ff95ee3f90633e720644273d890dfdc086
-
SHA512
257002df2b9ab4d58019cef124a0fb253f308f55d98a7c0be79d3a3f1e19720baa13e75b5d34369f7a8100bdc4423369fdfd0ba1903144f5054e86c4ebdddb09
-
SSDEEP
98304:ofKAZdB9LbJig1qGgPbM7BDF1xsrCNXcy4:dADXJ11qGgPEpF1xsGNXcy4
Static task
static1
Behavioral task
behavioral1
Sample
914309fde7871041da22c8fd076e77ff95ee3f90633e720644273d890dfdc086.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
914309fde7871041da22c8fd076e77ff95ee3f90633e720644273d890dfdc086.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-