General
Target: file.exe
Size: 1.1MB
Sample: 230110-qsdnesca2y
MD5: c9dd85832b7628afe723dfe27b352b7a
SHA1: acc0bc6db748bbb126a59894510c6069324d3243
SHA256: afe6e94ed84c442357f5f1edf24d716adde5dadf4d5b0ccc36b4820817f36a08
SHA512: 3ee7f40c26478c917d8d3569c767babc71276c9de1efc7f2bb24a6ccb5d23d59e463b709fb71a0bcb240746610cfc2376809aa11b520cd2c396e090c56251371
SSDEEP: 24576:R20WZI7ad3mflZ3M3Ud4+sErgaELK/y1q4NSkl5l/Hld:R2d3mflZ3aUEgCl5V
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
Target: file.exe
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.