General

  • Target

    file.exe

  • Size

    1.9MB

  • Sample

    221229-tztj1ade43

  • MD5

    913e143128f73cb55e85882c86555ad7

  • SHA1

    0774a64ba0e7caafd711584e0eab418c504d1aa2

  • SHA256

    263cf6e3beb5a051135af6126b126b6c3c3d926a0fdaa2cf010476d221c271d4

  • SHA512

    36ea094ded09cad926ea1b58b4eaeaac4634798b075b1769e9d9f67bf999217576d6839051994b134357eee675ebcda8cabdb68229ffae75a82d3e3b0ea8406c

  • SSDEEP

    49152:Bih2AtJkqdle+Qf5GO+7iZMEW0EbElNBH4+Hth96r:BiVar5G1iCEWtYZH4+HtH2

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • Target

      file.exe

    • NyMaim

      NyMaim is malware with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
