General
-
Target
file.exe
-
Size
1.8MB
-
Sample
221222-zj95psfb73
-
MD5
5a91d2b37cae68aa291131d1d52ad7b3
-
SHA1
168c94495951bc94d28a2e1f1a47866845b991ca
-
SHA256
d029ad7d60d3fcbb3f8b59f2b0dd58f5be27a3135ca2549fffacf16391376a35
-
SHA512
1ded849875d72b04fbb19c426d947bf26b8aeeabe1719d50818dd5a7c561aed49d32c077a3483bde21c92f2c7107ef65967ed88ac0dfa51f7163c84bdf38aca2
-
SSDEEP
49152:zz8fuPahMmD3IPLlir/T8s/AKkyC6YJx5YT6N3+OzWP7p3Y:zz8fyy3IPxOT85KCvdYTYzGdY
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-