General
-
Target
file.exe
-
Size
1.2MB
-
Sample
230109-y29ffsff28
-
MD5
e260131d2f6bc7ac7d8909a130c23b14
-
SHA1
c5a8c005029f6a24c3207c40f33f8567d93a403c
-
SHA256
87689ab18fac220a638cbc49c8d2f19c09d7592d4f0c6e6ecfc2d0959da2ece0
-
SHA512
f7170b3508fa95d7e0c8eeee2de2e8d4de388bdf1ceda0da2dad442c367c8b0c7b0e4f3f0fba69271b44618bf90705e53cdf7e210014da1d41986808ad282d07
-
SSDEEP
24576:R2078XKlYg/JR/kNrmOS5uZVSFxpzrd9j6vs6DMplcMlxCKYURw6Skl5l/Hlc:R2JKWg/J+Nrmd58Mx9b6vdMP16aJl50
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-