General
Target: file.exe
Size: 1.8MB
Sample: 221222-va38kshh9y
MD5: cb0ead25146361ce3e9504702e0b2275
SHA1: bd39e6edf3269b26c4a3a1a27fece855d6e9e526
SHA256: 09342b36a9592eacdf7189757e1527bd59fd2f096c46a11a7270d87f280232f6
SHA512: d6f81cad4af928c11145bb60053da558451c971d6d06ed1246c6525048503e5fd454312084279f14948be586e8d995a184e43b682afaddbd9ae5d5bbc36e372a
SSDEEP: 49152:L4I+qI3xH94NGY4M1JPAQ4Zm4rkzAEjjyEWP7p32:Lm3xqN53Pj4rifyEGd2
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.