General
-
Target
34cc033d41592e325abeda0e1c1cedaab65bc973f20a44c8cefef136da7313b9
-
Size
1.7MB
-
Sample
221230-atcvhshg9v
-
MD5
429f64ed2eac1df98692ec3c28ccc0fc
-
SHA1
43958481309c9386de20843a4747c4f5b8d18a0d
-
SHA256
2036b9c8268877f66b86525e1bb1739ce29e08398c5d5741d41ceb690f1c17a3
-
SHA512
d3269264d51de8bf717ff0b704562c37b7831e13a8e9d21b7ef3486738dd02bcd34932245ac33db1c871679e50e5a592504cc929c5b262cb194dacb8e7780465
-
SSDEEP
49152:Yb/DqXWh/6dR1C6VtUl4JCMOwGvI317kesZAA+nt766U:9XWsRauJVOwGqSeWAA+nt+V
Static task
static1
Behavioral task
behavioral1
Sample
34cc033d41592e325abeda0e1c1cedaab65bc973f20a44c8cefef136da7313b9.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
34cc033d41592e325abeda0e1c1cedaab65bc973f20a44c8cefef136da7313b9
-
Size
1.8MB
-
MD5
43a2f787fe07a55801397d0c39a7d6b6
-
SHA1
5f9f34d67f7432c8fb0fad7710c8f2a180347cfe
-
SHA256
34cc033d41592e325abeda0e1c1cedaab65bc973f20a44c8cefef136da7313b9
-
SHA512
ce22499852e9b0e54b3930b1b42dfd8c146229a30f3de4989f7df10bf62b8182a8f4c485fa291c9b66c82d8ba6368c1e59a0531aa11edc2877230de2456beacf
-
SSDEEP
49152:FiO1v+1WRj6jRVu0VtUJ4NCq4wCvE3Xhkut4+Hth96K:Fiz1WsXaCNz4wCEyut4+HtHP
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-