General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230109-yrjr2sfe69
-
MD5
891afd602b412a90f883a3c40a87d5cc
-
SHA1
1691a98bd56b61b923966d48b8660e345bccc00f
-
SHA256
21b28ba51df381b5eeb784eaa97b053b7c91d54ce33a204def4fceee5e8c3db3
-
SHA512
81a4697be78b1f280a24ff9590daeb890a064d4809173812a530da0168733a0f0092e039e0c62491a75e39aabf4afb21903ca5314aef54b49b91c50f41a41e4a
-
SSDEEP
24576:R20Z3z0jSIP/7T40ROluVAhJEIBpStp6GxxWgHDSkl5l/Hlc:R2K0DP/v40cJEtp6+WgHvl50
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220901-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-