General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230110-k816rsbc5t
-
MD5
a3a8636edc0cc67cae220bb92125c67b
-
SHA1
231b6d7a2da1d95bd672a1f60efa95cb4e42f093
-
SHA256
180f36827740fb634ab470209c5974ecb1a761919767cf4d4172ffbb6d46eedd
-
SHA512
9961b2f2eab9b46bd0f802c690c25547f3aa6d4310c4019b8a8b3ff5e9effad8962764aa8a8d3ebab4c4a766c22a9ef68d61229a492532b5c1b5daecc26a7462
-
SSDEEP
24576:R20L3WLP9Bf0GFEprx6zFE79RIPeRYY/K4+FfmBwSkl5l/Hld:R27LP9F/EpFtIGRYYSHl5V
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Size
1.1MB
-
MD5
a3a8636edc0cc67cae220bb92125c67b
-
SHA1
231b6d7a2da1d95bd672a1f60efa95cb4e42f093
-
SHA256
180f36827740fb634ab470209c5974ecb1a761919767cf4d4172ffbb6d46eedd
-
SHA512
9961b2f2eab9b46bd0f802c690c25547f3aa6d4310c4019b8a8b3ff5e9effad8962764aa8a8d3ebab4c4a766c22a9ef68d61229a492532b5c1b5daecc26a7462
-
SSDEEP
24576:R20L3WLP9Bf0GFEprx6zFE79RIPeRYY/K4+FfmBwSkl5l/Hld:R27LP9F/EpFtIGRYYSHl5V
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-