General
-
Target
file.exe
-
Size
2.2MB
-
Sample
221228-ta3flsag56
-
MD5
501663fd785c28e53a2bcd52b6fc2cb8
-
SHA1
2d927d14903b7b2f08f683a78d2a4dc008eb79ed
-
SHA256
f86e022dcd8fc13c7e22f28928fc5bd75279ab3a044652d4020d2acec8ff61d2
-
SHA512
05839767906269686ef3f401a5e5e3a49688991edf8c6a587c9ce7da6ffde16f26570481e20d211e3f207608c4d5691aaea9fd0c585926b8f688e06768085966
-
SSDEEP
49152:KivLILBOXdtEpT4k8UsiCUnUN4woqIgyDsiAy2UUDXKA:Kiv8tOXdsTKAC2wpINsiAyM
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-