General
-
Target
0d7ef2ca92b5a1befe83c2bd1506e8f7805a695b1a89517f40b6bdae78298af1
-
Size
2.0MB
-
Sample
221228-sdwa2aaf59
-
MD5
01ccf2015a819e56f7fc3d09913aeeca
-
SHA1
f1ca7b48e62c933b2353043606825214f4fb516d
-
SHA256
1cb6ba9dbf56260d982d260da1957619d98eb4e89e6f1e466e864e5c4cdf340b
-
SHA512
4875f1caacc5bcd11796e158ab312c52bd97f6c372680fb00abc45290a448d0ebefae73f8d82dc75f19936d7542b13692800304786a6d789e3790cb0d48450be
-
SSDEEP
49152:KC8La1IBuhKS8TzdIJZK36AbH2HnENYu1XphY2Eovjl/u4d:B8La6858XEm6AbWHENtXM2EyN
Static task
static1
Behavioral task
behavioral1
Sample
0d7ef2ca92b5a1befe83c2bd1506e8f7805a695b1a89517f40b6bdae78298af1.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target
0d7ef2ca92b5a1befe83c2bd1506e8f7805a695b1a89517f40b6bdae78298af1
-
Size
2.1MB
-
MD5
709bb61b45cf4e363a6b17a3edbc1ae8
-
SHA1
88ff2351f4d02ec6133fbf1c91d478253145f4a1
-
SHA256
0d7ef2ca92b5a1befe83c2bd1506e8f7805a695b1a89517f40b6bdae78298af1
-
SHA512
dcb66ef949fc943ac74cb1f2e2dccc1b427248fe1cc6b3865c7ed7c8fff51cb628c8524d25abb5b2e939f8414a97e0ee3e8c303a0771fbd50c5d1aa192fe42a2
-
SSDEEP
49152:WiPqf0ArydCXGXEW+HJzIBZKneAD9MH/mRYullRhW2EneJl/4c9:Wiif0Aryc2H+pweeADSfmRtla2EnOf
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-