General
Target: 56642907086bb2356742b296b74d411ad4304d4a844b5bb87cd36c57f6cc7d9f
Size: 1.7MB
Sample: 221227-3pqvssbh8s
MD5: 72dc1bf8c7766c3b2f05f2d007f1b4bd
SHA1: 0a78db328aec93caad5e5d82ddee81576d59b4f9
SHA256: 0436ae50ac2820e465880bc8863790e37526a6b06dc7863d15559b1b89784357
SHA512: 4dd55009e382a26527d68faade15d93512de061a71241ece6b6b79a7ece12cf5ec20091fbb8e4d339290e6edb0b43b2f31543b404d3f47b0349fa6e2e7337cc6
SSDEEP: 49152:pNPPyMyDEgP+6nO6OJOWRY0Foh2l6AMzpM:pNPp0+6nOZJNOh2Z
Static task: static1
Behavioral task: behavioral1
Sample: 56642907086bb2356742b296b74d411ad4304d4a844b5bb87cd36c57f6cc7d9f.exe
Resource: win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: 56642907086bb2356742b296b74d411ad4304d4a844b5bb87cd36c57f6cc7d9f
Size: 1.9MB
MD5: ef0b47a8cb8a447e97b7cc71a5fe1b4f
SHA1: 6f26bc9bc32375f8a3b3265a0eec24ced50cd9db
SHA256: 56642907086bb2356742b296b74d411ad4304d4a844b5bb87cd36c57f6cc7d9f
SHA512: d769941620540b2b5bd41fa727680f4c7d6f9c4d25518f19040699ff1f70fec708e6844ae6c21f9fb10edf836a1cc1b01a6c9461fa1845e993b25fa3a9f0930c
SSDEEP: 49152:66NtjwGmD2CP0Qna6mdOeVYuFw3OOCSgzxn:66NtDG0Qna1dN43OOE

Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.