nymaim | cf5b023a3d771e310d1fc855095c08f069c8161d37a63b1577391ad7c07dc3b2 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

1.8MB
Sample

221224-m443zadb4y
MD5

6eb562d13b2d1356d2dee940ec5adc3d
SHA1

fdef1c2caa5ff1a4d62fc371ee76e3ebb3f45611
SHA256

cf5b023a3d771e310d1fc855095c08f069c8161d37a63b1577391ad7c07dc3b2
SHA512

499c6ba4e837d2af8ec994a7d4304f7835659c198c49176be0b264bba2e9859c395e119253301e579681117a8381a7b260dc213c411c56d90d2d226951fcd251
SSDEEP

24576:RizigAhGmA9QbBREPulEWC1rHXydwgdKms698m0IT6QRdulHHHH5/+7NtYr6euJr:6iumgpPKDczXgQa8mfTUlHnH47/YrZaB

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20221111-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220812-en

nymaim discovery trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  1.8MB
- MD5
  
  6eb562d13b2d1356d2dee940ec5adc3d
- SHA1
  
  fdef1c2caa5ff1a4d62fc371ee76e3ebb3f45611
- SHA256
  
  cf5b023a3d771e310d1fc855095c08f069c8161d37a63b1577391ad7c07dc3b2
- SHA512
  
  499c6ba4e837d2af8ec994a7d4304f7835659c198c49176be0b264bba2e9859c395e119253301e579681117a8381a7b260dc213c411c56d90d2d226951fcd251
- SSDEEP
  
  24576:RizigAhGmA9QbBREPulEWC1rHXydwgdKms698m0IT6QRdulHHHH5/+7NtYr6euJr:6iumgpPKDczXgQa8mfTUlHnH47/YrZaB
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

nymaimdiscoverytrojan

© 2018-2025

Terms | Privacy