nymaim | 8e3c53be955a39706853a6fa0d3e11d12c57092d6fdc5926bd5d9b1875551341 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

8

Sharing

General

Target

file.exe
Size

1.9MB
Sample

221229-pfgnwagb5v
MD5

ba1d8b54bb381d8b4694806d1c325696
SHA1

5067a25cd96a8d628123f02d5fbd12f08764609a
SHA256

8e3c53be955a39706853a6fa0d3e11d12c57092d6fdc5926bd5d9b1875551341
SHA512

353b4223e5bf6156c698d38c8f582925f521dd63232fe1df43948de18e950a79305bd3b20662ba3af92f4c0f0b90f537971d70ca19917c4a6c1fbf7c2c49324c
SSDEEP

49152:FitsjBjNNy2mWdKTc4sNcj2al3YDDpEhkTxu+4+Hth963:FitsV7y2GSkOZ19u+4+HtHC

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  1.9MB
- MD5
  
  ba1d8b54bb381d8b4694806d1c325696
- SHA1
  
  5067a25cd96a8d628123f02d5fbd12f08764609a
- SHA256
  
  8e3c53be955a39706853a6fa0d3e11d12c57092d6fdc5926bd5d9b1875551341
- SHA512
  
  353b4223e5bf6156c698d38c8f582925f521dd63232fe1df43948de18e950a79305bd3b20662ba3af92f4c0f0b90f537971d70ca19917c4a6c1fbf7c2c49324c
- SSDEEP
  
  49152:FitsjBjNNy2mWdKTc4sNcj2al3YDDpEhkTxu+4+Hth963:FitsV7y2GSkOZ19u+4+HtHC
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

© 2018-2025

Terms | Privacy