General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230109-v397lafa54
-
MD5
7616ee061f52d60f35af6636b2aeeb07
-
SHA1
82534a490fe4c910536ee1b567479b7b064f6d47
-
SHA256
2986a1b0378f30de4ccac9371ee3a55280eaecd501aa47d1729120ba0337103c
-
SHA512
fbdadb25bf176452d04851b29ea200af91fe3ee29b080bab5284ad9efcd749a3e62c0a0653af8e7c6ed8c4c59f167294add40a9979249d89d13557e76b80a7b2
-
SSDEEP
24576:R207wmtjpaTAAqkPupKCYJ2JdxTXTSswpfNMzHtpSkl5l/Hlc:R2Pqpa8RsupnqCDqT1ct9l50
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-