General
-
Target
file.exe
-
Size
1.8MB
-
Sample
221229-qvnleadb47
-
MD5
c2e48c937c75f46743f1a18cf0a4d383
-
SHA1
c11cc43899c76609b3884f5092ae543fdc638529
-
SHA256
caca0caf3840a208ac6d6beeb05d04092f219541fd1db82a35a3d458e37865d5
-
SHA512
d231afbbf3e6209854c2278d7e82d355880f2f03b84204064503355ed66df45e7281abc0f53cb48413ffce213b4f876f4f7e766b98b15a468fda31d054b36d63
-
SSDEEP
49152:tiAdNonRkMh+3MvZrav2Xk9tDevPzssShfN4+Hth96J:tiAnoRDh+sXOQvPRsV4+HtHM
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-