General

  • Target

    file

  • Size

    2.0MB

  • Sample

    221221-s86egscf23

  • MD5

    bd131e80a69654a35f0c3e7d15fbd69b

  • SHA1

    ad9c98bf2ac29cb3d430cf9514e7feb16cf1d3d6

  • SHA256

    a60ebc15a0e60029427b0c8679fc811875b3a4f38e24ca141cc0f631cb2ac9ea

  • SHA512

    ee2a0c39e5852b4f0217de9cae565ceed4ef49f3fd2f19028c86d90e3d99c1c5529754b18cc46c5726a7e431b241746e05be8f1bb44a24ddb69217aab203aaae

  • SSDEEP

    49152:aptsS8ig3foGgJRTc+JE9DIiesyprIsmnh0BgFBXjSgzxa:aL7PTc+JMs71IVh0Bem

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
