General
Target: file.exe
Size: 1.1MB
Sample: 230110-1xr2qahg93
MD5: 71746ffcae816e9708d9cf5e0b0e1a46
SHA1: f5a9629f44983a6bbd9a4f58852988359bed6100
SHA256: 6e0fd7dccfea7e522c5f49bc7709effd0778da057e9fff24f95f25cd48db82d4
SHA512: ba68c41e1c61e9b725c7a47acaa8aa346936bcdc9177cb830810f834fd439d26a163edaafa27432829a4c2bb81202befda716b69d313b070c19f99c8d9a77a0f
SSDEEP: 24576:R20bCrWOC8dKarducbnU0JVOiHKVgRNw2f7Z01TTxHSkl5l/Hld:R2tWOC80arducbU0JVOiRPkxbl5V
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-