General

  • Target

    file.exe

  • Size

    2.0MB

  • Sample

    221229-3svcdshg4v

  • MD5

    8054614808b048e41ab7f66ac47c17d2

  • SHA1

    56d99598063c3f509617fb0089b49d8c5229ef73

  • SHA256

    7d9882cb0e9412c26a973fb7034b30cc8eddcbe3cda8ef37869a45d1b277e791

  • SHA512

    20f79528ea5f0608dbeaea52dedb3c110491b697c233632d46716dffcd7e1980f2e0371cdc5599dfb90e05cb9638c5626561aee5c5d4cd2436c9045b0159f060

  • SSDEEP

    49152:ViUBW3aaOkWzuoNWZTaFfmjLywO9qo2Q/XJ4/69ixo4+Hth96Z:ViUB2ZyDw+tmjLyn2s4/69Co4+HtHg

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • NyMaim

      NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
