General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230110-vj468sce4s
-
MD5
4fea6e49f87990ae90945e9c94e97edc
-
SHA1
4c52e0258e15f48a7e62dc14215c8438fce121a7
-
SHA256
f28e2ce0fba538e298e8c905fed16979f7e01d2b9d9855e0de4f3e74cda8918a
-
SHA512
ccfabda1d4a5e8d375d120521b964121f7dec25f902bd05678e07b99882315efd17649be2d798ae457eb151c68249d50d19edd220834575e124e1e766faf9d6e
-
SSDEEP
24576:R20ovwQyGNLoNYOk3aX+qVob8pLbbYBt13MSkl5l/Hld:R2xvRoND9obuL3o+l5V
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-