General
Target: file.exe
Size: 1.1MB
Sample: 230110-cf4r7acf41
MD5: 1658a9d172c902b693f7327aa2906d93
SHA1: 6c210d2dc64b8fa780e11db2c5ef6f9b7b24ad67
SHA256: 1571ea73532c5deceee79d3d9c2d1bd891810049f7d0271cd6e39f7a0d0f736c
SHA512: ed38e1af81a43cd51532c966205c15b3647dc29ad21cc20c3152fc9018f9719cc823a355d70a49a860f0abf5c2fb828d2dfd563a3d8aa0310502a7367c5ed48d
SSDEEP: 24576:R20i+jOfuvS6KdylIhgSCkJ19J4KuZMBfuVpnRlcLf6Skl5l/Hlc:R2+OfMpKdyZq74YBCRyLIl50
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.