General
-
Target
file.exe
-
Size
2.0MB
-
Sample
221228-rwvlsadf6x
-
MD5
ee39e09ef5f17f4a7d02053b6e09521d
-
SHA1
ca4eaf27564b73e43e3eb6ceebef5d02c04f3511
-
SHA256
a35a220db8abdcb019f1d97e21bfffd6b7f63ee00b3bcf84a9e56bf55cf10f00
-
SHA512
8d54906126b6d3fde6d31a052cebe81ab40e4a4032f4f7ad7d35689736483537f69920fbad412d71bbfcf9cc4fe19e46f8c18ad65306253b88ffb0847cd2b279
-
SSDEEP
49152:SivLILZDFs2+o9ybx0CQ0Emam+neyMe0neDjoWcwC/T9rfWZTJMX5ZUWiFCUDXKe:Siv842LIx010UlMODjVwb97cJG5WWE
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-