nymaim | 9466b999d1e6c276e15b3e5141a196bbce6f702a202c48def794e11105231328 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab1822ef22022d6189e055a9eb012ee6.exe
Size

385KB
Sample

221231-mmnpnacg2t
MD5

ab1822ef22022d6189e055a9eb012ee6
SHA1

99299165338fb529f7a6180467c0aedbbde410f5
SHA256

9466b999d1e6c276e15b3e5141a196bbce6f702a202c48def794e11105231328
SHA512

458e553dffd16c850c3e045ae03e23c13130b12f696c7bacef4656a06ae632aa39d4f719e700897e754d890833c1d3ab9eadaa83e75010416fec95d49b05a8b8
SSDEEP

6144:JxQLviJfQMxiZC5BL+qV6vuIFflrUmO11HzO3KaKadlzZYw:JqTiJfQMVVFIFfmmOjO

Score

10^/10

nymaim trojan

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  ab1822ef22022d6189e055a9eb012ee6.exe
- Size
  
  385KB
- MD5
  
  ab1822ef22022d6189e055a9eb012ee6
- SHA1
  
  99299165338fb529f7a6180467c0aedbbde410f5
- SHA256
  
  9466b999d1e6c276e15b3e5141a196bbce6f702a202c48def794e11105231328
- SHA512
  
  458e553dffd16c850c3e045ae03e23c13130b12f696c7bacef4656a06ae632aa39d4f719e700897e754d890833c1d3ab9eadaa83e75010416fec95d49b05a8b8
- SSDEEP
  
  6144:JxQLviJfQMxiZC5BL+qV6vuIFflrUmO11HzO3KaKadlzZYw:JqTiJfQMVVFIFfmmOjO
Score

10^/10

nymaim trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2