General
-
Target
4949533d2a1525ea6ae0e0f49e9865359f08f7aac04cedf526b2dbd65083ff89
-
Size
1.8MB
-
Sample
221229-3kxsjshg21
-
MD5
0f3957f071eafa67014a08859a64a716
-
SHA1
0a713db28899abd4ce7ea52ce93c261a754d8b82
-
SHA256
5492f6f05e06cb2a3d2a91a8b445534eab568eb270aab65b7e0a4922e0f85bec
-
SHA512
80cc45e10022f06dcfb086dd804adf1373c367f4b167ac5d51ab48c70c2a8af419652a9518bf8392d79eea9a31eb28beeb5bec367e1bbd6a48efd1bf6dd0c661
-
SSDEEP
24576:fhHt/RTYBhoNIYQexFHQn2EfDiAr+0hLH7ykMHi5SYBshGvqkm3wyJCpa642InEV:fhN58JkFeDJjLD5ZB9ir3wnh42ztdy6l
Static task
static1
Behavioral task
behavioral1
Sample
4949533d2a1525ea6ae0e0f49e9865359f08f7aac04cedf526b2dbd65083ff89.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target
4949533d2a1525ea6ae0e0f49e9865359f08f7aac04cedf526b2dbd65083ff89
-
Size
1.9MB
-
MD5
00b54b95704b755f28bf48e43de9d131
-
SHA1
42ca5a5a3c351eafd30910b68c4d8b94d614e87d
-
SHA256
4949533d2a1525ea6ae0e0f49e9865359f08f7aac04cedf526b2dbd65083ff89
-
SHA512
0e4a2dd4d0ebf6f6ec04be5b10e6727a7ae79ef093dc6a7f6c8146aa26794a1cef447d85e5c28de64074cfa90914542b01693fb4820e132cb171d072914cb699
-
SSDEEP
24576:bpniPPQBZu5m0QMvFVQNq+fRmARw0hLn7ukMZi5SWBUhGDYum3KQJOP9s4+In2tQ:FiPY5oFYRPpLh55BFEF3Kk4+Hth96N
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.