General
Target: file.exe
Size: 1.8MB
Sample: 221222-xn7t2aab91
MD5: 579f197eff9d9ac201f6c2a379c7e372
SHA1: b9ed7401c75d55aabd427ea138ae58eafe8842fc
SHA256: 46092a14135e95be58018316818e0d1daa983aa373737d717b5ba5715ffd36f8
SHA512: 43fdef6c63ef78dedff99bb56dd209e829ca40c27aca9661ba4e53e46206c985ed6e8342e5bc96762f04389a2cb868ed82ab70060d0d7612c3f924871e8d1b01
SSDEEP: 49152:PYXZoph/uwpnQdvfyo43KyliFMTwSrwprT1V4GQWP7p3Q:PY6n/PlInUKy8FMTwfrT1V4GQGdQ
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-