General
-
Target
caca0caf3840a208ac6d6beeb05d04092f219541fd1db82a35a3d458e37865d5.zip
-
Size
1.7MB
-
Sample
221229-s3cvzsgf3v
-
MD5
472149b30c771a4afaa76185dcb601a1
-
SHA1
1b6ca0c33ecf7d7bdcc7e9f5aa0450711388375e
-
SHA256
40ea98e697ae8d7a2ca68fc3f2b6746787ec1d7155738804dd32efac6f531e50
-
SHA512
7a427ec97c7a938d93d7a57986f129a0ff558b9b9caacd90aa78e3ff388a147c229532aab5de82b65affc3c4f6730108abdba0db34bbd3b3b387c52ca580eef4
-
SSDEEP
49152:sgBini6V2sdF+p6X/Y2/huPD1hVpSxs/CLjAlO:sgcnic2x6XwIuP+YSjAw
Static task
static1
Behavioral task
behavioral1
Sample
caca0caf3840a208ac6d6beeb05d04092f219541fd1db82a35a3d458e37865d5.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target
caca0caf3840a208ac6d6beeb05d04092f219541fd1db82a35a3d458e37865d5.exe
-
Size
1.8MB
-
MD5
c2e48c937c75f46743f1a18cf0a4d383
-
SHA1
c11cc43899c76609b3884f5092ae543fdc638529
-
SHA256
caca0caf3840a208ac6d6beeb05d04092f219541fd1db82a35a3d458e37865d5
-
SHA512
d231afbbf3e6209854c2278d7e82d355880f2f03b84204064503355ed66df45e7281abc0f53cb48413ffce213b4f876f4f7e766b98b15a468fda31d054b36d63
-
SSDEEP
49152:tiAdNonRkMh+3MvZrav2Xk9tDevPzssShfN4+Hth96J:tiAnoRDh+sXOQvPRsV4+HtHM
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.