General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230109-21nddagb45
-
MD5
8e7df42038ce5d8e1d7ca007d612f887
-
SHA1
7a2871bc5c1dee5be2f326645cd7d2d1511c29e7
-
SHA256
83737994d5fbc7be4ce9367251f5fe664aa98e41e5f050e5a90ac48bdd41c271
-
SHA512
e210ba1febf7191e909352d6500d1e5f50261d34eca1fcfc55a61db5c66b37d3c486cb68502a22a9a515a9dbc617060efaf07c626483be37f2e88d41a1f592f3
-
SSDEEP
24576:R20ajDt5NHE+fOR7RFq3AWqZSYv5SHOa2Tk5EM5USkl5l/Hlc:R2PdHJK76AWqJ5yOTgSl50
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-