General

  • Target

    file

  • Size

    1.7MB

  • Sample

    221221-fpfcqseg6v

  • MD5

    9971082e679aa0f04ad6d22718d65d69

  • SHA1

    48e72371930ae729c3866190a008d281dab7623a

  • SHA256

    ab8845181c548a1c8d9d9c59931662f2e5fe20b51531541b183c513b2b32f8de

  • SHA512

    1f548d1b8bcc9a1cd7fb89faccce2a0410f04ca689b6747b45c685924c70a5abeb41504346ba061fa70b9d8d1e48090929c8fa31ff32b08babcafaa437344d76

  • SSDEEP

    24576:FizEGOzoCjwhM5fajMFzO/E3L/4zewVzgNDgBASKWv1aUT3VLb1bgHHgZIY7eCLu:uyr95iw5O/Mj0+UBLKWkKRhbggNeViw

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167
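
The extracted config above is directly usable for detection. The following is an added example (not part of the report or of any sandbox tooling) that takes the two C2 addresses and the sample digests from this page and runs them over constructed log lines and bytes; the log format and the sample log content are assumptions of the example.

```python
import hashlib
import re

# IOCs copied from the report above: C2 addresses from the extracted nymaim
# config and the sample's own digests.
C2_IPS = {"45.139.105.171", "85.31.46.167"}
SAMPLE_HASHES = {
    "md5": "9971082e679aa0f04ad6d22718d65d69",
    "sha1": "48e72371930ae729c3866190a008d281dab7623a",
    "sha256": "ab8845181c548a1c8d9d9c59931662f2e5fe20b51531541b183c513b2b32f8de",
}

# Match a dotted quad only when it is not embedded in a longer dotted number,
# so 45.139.105.171 does not fire on 45.139.105.1710 or 145.139.105.171.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def find_c2_hits(log_lines):
    """Return (line_number, ip) for every line that mentions a known C2 address."""
    hits = []
    for n, line in enumerate(log_lines, start=1):
        for ip in IPV4_RE.findall(line):
            if ip in C2_IPS:
                hits.append((n, ip))
    return hits


def hashes_of(data):
    """MD5/SHA1/SHA256 of the given bytes, keyed like SAMPLE_HASHES."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matching_hash_algorithms(data):
    """Which of the report's digests these bytes reproduce (empty set = not this sample)."""
    ours = hashes_of(data)
    return {alg for alg, digest in SAMPLE_HASHES.items() if ours[alg] == digest}


# Constructed proxy/firewall log lines (assumed format, not from the report).
SAMPLE_LOG = [
    "2022-12-21T10:01:02Z ALLOW tcp 10.0.0.5:51234 -> 93.184.216.34:443",
    "2022-12-21T10:01:09Z ALLOW tcp 10.0.0.5:51240 -> 45.139.105.171:80",
    "2022-12-21T10:01:10Z ALLOW tcp 10.0.0.5:51241 -> 145.139.105.171:80",
    "2022-12-21T10:02:44Z DENY  tcp 10.0.0.7:49876 -> 85.31.46.167:443",
]

if __name__ == "__main__":
    for n, ip in find_c2_hits(SAMPLE_LOG):
        print(f"line {n}: contact with nymaim C2 {ip}")
    print("hash match:", matching_hash_algorithms(b"not the sample") or "none")
```

The third constructed line (145.139.105.171) is there to show why a plain substring search on the C2 address is not enough; the lookarounds in IPV4_RE keep it from matching.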

Targets

    • NyMaim

      NyMaim is a malware family with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
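
The two registry behaviours above (country-code lookup and Uninstall-key enumeration) are individually common in benign software, so a useful host-side check correlates them per process. The block below is an added example, not the sandbox's own signature logic: it profiles constructed registry events and flags a process that both reads the location key and enumerates several Uninstall entries. The exact registry paths, the event tuple format and the sample events are assumptions of the example; the report only states the behaviours, not the keys touched.

```python
import re
from collections import defaultdict

# Assumed registry locations for the two behaviours (not stated in the report).
GEO_KEY_RE = re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.IGNORECASE)
UNINSTALL_SUBKEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)", re.IGNORECASE)

# An installer checking its own Uninstall entry is normal; walking many entries
# looks like enumeration. Threshold is a tuning choice of this example.
MIN_UNINSTALL_ENTRIES = 3

UNINSTALL = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
GEO = "HKCU\\Control Panel\\International\\Geo\\Nation"

# Constructed events as (pid, image, operation, registry path); assumed format.
SAMPLE_EVENTS = [
    (4412, "C:\\Users\\u\\AppData\\Local\\Temp\\drop.exe", "QueryValue", GEO),
    (4412, "C:\\Users\\u\\AppData\\Local\\Temp\\drop.exe", "EnumKey", UNINSTALL + "7-Zip"),
    (4412, "C:\\Users\\u\\AppData\\Local\\Temp\\drop.exe", "EnumKey", UNINSTALL + "Notepad++"),
    (4412, "C:\\Users\\u\\AppData\\Local\\Temp\\drop.exe", "EnumKey", UNINSTALL + "Notepad++"),
    (4412, "C:\\Users\\u\\AppData\\Local\\Temp\\drop.exe", "EnumKey", UNINSTALL + "{GUID-ONE}"),
    (1200, "C:\\Windows\\explorer.exe", "EnumKey", UNINSTALL + "Notepad++"),
    (3300, "C:\\Program Files\\Installer\\setup.exe", "QueryValue", UNINSTALL + "7-Zip"),
    (3300, "C:\\Program Files\\Installer\\setup.exe", "QueryValue", UNINSTALL + "{GUID-ONE}"),
    (5000, "C:\\Windows\\System32\\rundll32.exe", "QueryValue", GEO),
]


def profile_processes(events):
    """Per pid: image, whether it read the location key, and distinct Uninstall entries seen."""
    profiles = defaultdict(lambda: {"image": None, "geo_lookup": False, "uninstall_entries": set()})
    for pid, image, _op, path in events:
        p = profiles[pid]
        p["image"] = image
        if GEO_KEY_RE.search(path):
            p["geo_lookup"] = True
        m = UNINSTALL_SUBKEY_RE.search(path)
        if m:
            p["uninstall_entries"].add(m.group(1).lower())
    return dict(profiles)


def flagged_pids(events):
    """Pids showing both behaviours: geo lookup plus enumeration of several Uninstall entries."""
    return sorted(
        pid for pid, p in profile_processes(events).items()
        if p["geo_lookup"] and len(p["uninstall_entries"]) >= MIN_UNINSTALL_ENTRIES
    )


if __name__ == "__main__":
    profiles = profile_processes(SAMPLE_EVENTS)
    for pid in flagged_pids(SAMPLE_EVENTS):
        p = profiles[pid]
        print(f"pid {pid} {p['image']}: geofence lookup + "
              f"{len(p['uninstall_entries'])} Uninstall entries enumerated")
```

Only the dropped executable (pid 4412) is flagged: explorer.exe and the installer never read the location key, and rundll32.exe reads it without touching the Uninstall tree. Repeated reads of the same entry count once, which is why a set is kept rather than a counter.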

MITRE ATT&CK Enterprise v6

Tasks