General
-
Target
df90527e770874eb88784b046264948406a41b96c28de9aa89dba47fc025d4f6
-
Size
1.7MB
-
Sample
221229-sr3l9sdc88
-
MD5
dc531cab6d0bee114b990cd41bd56127
-
SHA1
6b9f9b18e69a65c9f4692be9bfff6b6dec69df44
-
SHA256
a492e786aa25249d5b6454f608d77020872dfa791d7d98ef75dc3b90af8b7a30
-
SHA512
c5f34d91e98b5d55af68b36a8ad05339cf754c69a97aaa730b335b0d29eecc5d6917382e9b900033c0620b0ee32eb1798b025bc6340b8503db0f53f028032af5
-
SSDEEP
49152:4k9Agnat9bl6YOBHDPhsyMyJcAbsLO7B/f:TB+TZORrMyJc4J9
Static task
static1
Behavioral task
behavioral1
Sample
df90527e770874eb88784b046264948406a41b96c28de9aa89dba47fc025d4f6.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
df90527e770874eb88784b046264948406a41b96c28de9aa89dba47fc025d4f6
-
Size
1.7MB
-
MD5
da54350451de7c65c44a1ff9de7693c4
-
SHA1
5f7774708a83775248a2e4adba3a494ab71424f3
-
SHA256
df90527e770874eb88784b046264948406a41b96c28de9aa89dba47fc025d4f6
-
SHA512
47c5825ca1285a31b3b8c84a038fd965cdd7f20c7c5851c9891922b1633d36e37158efa843babc8ee6e1cf9142e426f173b4543cc820122bd909c15a1b487cfb
-
SSDEEP
49152:0iVrKktEn93z6KOHvDjnais+/kKRmLOx3ENL:0i5PGBFOLZs+/kktY
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-