Extracted

• • Target

    file

  • Size

    1.7MB

  • MD5

    52d3897d485bc5fa3a1244cea400ef29

  • SHA1

    e6299135df88ac26ce54d1bc4a678d66bbbc2cb7

  • SHA256

    91e73e227e3c0c96e3fe2ccc8c2f51996eeb3033d910b1c76dec00df119187f0

  • SHA512

    d1f82925a289649d7d2e9ad10d4f967e26ba143413c9eee32d0eb83f41b48d58601af31e87657d9c6c023c4b626cf3c19130ff8e7564c0468f63189d01e17171

  • SSDEEP

    49152:OlLgk20k4Vuz19M4kUnmPjMgso2ZPdINeVib:Olo0/+9pnmjrkvib

  Score

  10^/10

  nymaimdiscoverytrojan

  • NyMaim

    NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    trojannymaim

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2