General
-
Target
file.exe
-
Size
1.8MB
-
Sample
221223-qsdnesbf7w
-
MD5
de73103fff1123ca58129f5525534662
-
SHA1
2cb7b69994819a7bc92a9f45a579a7ba916293d0
-
SHA256
7f2dda438d0a93bf32583e68fce86509666e2fb3029c9d2618a686045c5a69f5
-
SHA512
96dd8030fc98782602f4a88c0b93a730b54db3299c5a6aba8f181507093778fdf852ff4a076698e8cc82a921af1b07325d85c7a7cd753c5e5bb5df91ffbaa771
-
SSDEEP
49152:LFMgYlkaq+qoqpla22T0AgM13ccXWP7p3C:LFMgYlnqoqWgccGGdC
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-