General

Target: file.exe
Size: 1.2MB
Sample: 230110-thb9dsge93
MD5: 8ddbbbdc4bb2a436e141718181e66aa7
SHA1: 308bbd45c46532d7209acf50878fb15e04be19bb
SHA256: fca7aefe9bef061a66884ffd31aaa1757378dd55d0f7eb68fcb8205e85e3a4ec
SHA512: 91c0c516c66eeeba06a2f49524bd4e39111ba5401141ee29f74a7f522c63f4abb6bf3a44b1ca8d936d413eee4187a90831b8cb816b4073dfc688c2abaa1fab1a
SSDEEP: 24576:R20r/P0qq18NrwDF580IbuXmObCE/e6ORVD355WA0Skl5l/Hld:R2O0qAkooQXjbCkhOvV57yl5V

Static task: static1

Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en

Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.