General
-
Target
file.exe
-
Size
1.2MB
-
Sample
230109-z4z58sfh27
-
MD5
23515ae01856c0f21454e9fc4038b045
-
SHA1
9127e2bd00c2b6cf31e2cf393a2bfce06bc21652
-
SHA256
d82f587ba9a04d7f867084296cb76c8ce7da13317fa6abdc8d0e246e88e88adf
-
SHA512
7f6f5c1eb9ca32443ea19d12ad1e25b8a38e536e2e5e14668540489425ac908c84176feeb57ccc99ac9b746db47554370d5d918fd81c3b0d3c864758624e34d6
-
SSDEEP
24576:R20/ZdlLtgkM5y5Aa5FANCsGXH6B4wxLPl9b0XRDKxOSkl5l/Hlc:R2SPt3y8AaBaKwhPrb9al50
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-