General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230110-z4f3cshf72
-
MD5
71f8390ce1b2edf111afca5bd8719045
-
SHA1
33e4ca41487d8ed4f99100eaaab44a4a40f2e1a8
-
SHA256
e3e6c3be58d4b823cf74b2de41672394b7034d0acea5a001d2fe1b9bf240807f
-
SHA512
e3ac339fc9a846812c61bfbfda1e7560f3adafb79c4d4462a56b3f8504eb4a621a2608a3404dbd8988b49df5315ad5524599233e2d5b696949660736120c5e57
-
SSDEEP
24576:R20D+DaFuEDjgk5qYZaNkPqs+q7JBUXI0x9ZN/HcovSkl5l/Hld:R2hDKuED02vpqshC9nfc8l5V
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
nymaim
45.139.105.171
85.31.46.167
Targets
-
-
Target
file.exe
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-