General
-
Target
file.exe
-
Size
2.0MB
-
Sample
221228-vejdzaah78
-
MD5
18e066da8508f9a9c4718e1efc595146
-
SHA1
9885ffa680739800c0e076cf2d896b0e3f698b26
-
SHA256
3b4be456957333064c84f03554ac51395bb56af98ce223521297fc92b83af9d1
-
SHA512
7d5f8fc3fc34771c70b5cf725e52c22e25a8a6e7c4130bbabac11ba850b1778a34614a2329055487c04bb489fd519925b69bfc5038dfb6c7a80c6c1694eec85a
-
SSDEEP
49152:KivLIL9Eih9Q1mLawY8ZvaMiX7pNz5z0rzqUDXKY:Kiv8hkGdY8ZvaMiVNlizl
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-