General
Target: file.exe
Size: 1.1MB
Sample: 230110-ek8caafd7y
MD5: 7de0d0e781a12576880e625330a7f042
SHA1: f01e7c6a22c2dfc53861650442254cbf1d46bc63
SHA256: b7ac4c38eb0254df7abebad1d91a4cb6a9ae89fc8f95a216acea5314681e217d
SHA512: 9efb715fff81b6590fbb7e0da4264a2b4bb21b3825875753edcdf976c85538cb597f13bddc26b9c8af06e6f9157e44729b07cdadbbe5d538438068778babeaab
SSDEEP: 12288:R20tQcyXjdnvuljIk5FRcu/YiJWj5iGkBLNreAE8WI/FWeXaQ5W5LSklMMdeLu/f:R20ycQdnmlzd/YsqirNrvsBSkl5l/Hld
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-