General
Target: file.exe
Size: 1.1MB
Sample: 230109-wmftgsae4z
MD5: 3a3fe9c5086b5298523bc26fc6584cb9
SHA1: 582f6d4c13061d5b9cd79a7855c2957a1c1169fa
SHA256: 55ba471643a28233f5a9a63b642ea792f118c4294b5e68a813ce6ba141e15602
SHA512: cbabdcbd00d133740fb33f0be2b673465f31ca6f8f5732538afddc8c9e4b672e175de1b693292542d66195dc4b024d3701cc093007d698f1d6f0f40c9bc1cf71
SSDEEP: 24576:R20V7NUZiZLPL/SNsVRtkP/8idV6hWHY8o0pYw8mrGen9Skl5l/Hlc:R2SZLPL/VRt+/BdV1Y8omzHZl50
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-