General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230110-1c2enade4z
-
MD5
6fd88842e28132bc8e976839215af2bc
-
SHA1
546d68aeb1ac4efbfffc17adf1f3e67824282e3f
-
SHA256
86904269d5de2be23a181ac5f6237c05d94a15428c3bbee861fa04f2d2c63d51
-
SHA512
de1a665108f09edb023f53510245240193b0ab7103f5974992bdb8cda1c899efdd8ac0a3770c2f34e96da1e6ce991406708fc716e14e75e04727fab3bdcc6e78
-
SSDEEP
24576:R20BURYSTxczVlFOFhntv7WdnxfwYlBxgIQfyVO5wmmtXkqXSkl5l/Hld:R2uOxcxlF2ntv7WdOGxmt500Ql5V
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-