General
-
Target
file.exe
-
Size
1.8MB
-
Sample
221228-v9zz7seb3s
-
MD5
23ef18cc2268d61c01641a23a0a6b886
-
SHA1
06df1267ef3aa404eb17a46878241a9e94458732
-
SHA256
0f1edde03a1ff689bbc432742fa4d319a406b37a25f9b79672419db2d64773ca
-
SHA512
0059d6a8dcfdf6457fb04cb5058c4c3bab0d6ef1ff363f6f8566adc73c1e81d6103c6242183057f344ae4b3173d37f7ad737a64892af149ca920b5d984ee0a27
-
SSDEEP
49152:gi1pw4ZmqzzUIFOmiUUovaMPeYW/dsWLqoIqaCL3NO:gi1vZmck8EJWCnaSg
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Size
1.8MB
-
MD5
23ef18cc2268d61c01641a23a0a6b886
-
SHA1
06df1267ef3aa404eb17a46878241a9e94458732
-
SHA256
0f1edde03a1ff689bbc432742fa4d319a406b37a25f9b79672419db2d64773ca
-
SHA512
0059d6a8dcfdf6457fb04cb5058c4c3bab0d6ef1ff363f6f8566adc73c1e81d6103c6242183057f344ae4b3173d37f7ad737a64892af149ca920b5d984ee0a27
-
SSDEEP
49152:gi1pw4ZmqzzUIFOmiUUovaMPeYW/dsWLqoIqaCL3NO:gi1vZmck8EJWCnaSg
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-