General
-
Target
file.exe
-
Size
1.9MB
-
Sample
221229-qnysssgc9w
-
MD5
00b54b95704b755f28bf48e43de9d131
-
SHA1
42ca5a5a3c351eafd30910b68c4d8b94d614e87d
-
SHA256
4949533d2a1525ea6ae0e0f49e9865359f08f7aac04cedf526b2dbd65083ff89
-
SHA512
0e4a2dd4d0ebf6f6ec04be5b10e6727a7ae79ef093dc6a7f6c8146aa26794a1cef447d85e5c28de64074cfa90914542b01693fb4820e132cb171d072914cb699
-
SSDEEP
24576:bpniPPQBZu5m0QMvFVQNq+fRmARw0hLn7ukMZi5SWBUhGDYum3KQJOP9s4+In2tQ:FiPY5oFYRPpLh55BFEF3Kk4+Hth96N
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-