General

  • Target

    file.exe

  • Size

    1.3MB

  • Sample

    230111-r5vyxahb5s

  • MD5

    78d89fdf874dd2cd6d9a7228f9c160bf

  • SHA1

    7b5a4054937bb06bea4f8e2e25355fb8742f3ee3

  • SHA256

    05145111f2c41becbc8974534f8b510cdd11497982c3620b1ff0f9266cce89c0

  • SHA512

    656969f849e71a3f75d2eb32fc1b2ea8e8496a762d83979e590c6965e4fece3f19fee6ec3aaa445b6294e527f725963530409c0b3d8f5941cc120ac6026df09d

  • SSDEEP

    24576:q20IxsuZ0aBbQv9xeiVPmRlSNMj5qNpiLtLbUZFxIEgXC75ld1qSVpk:q2KniQjuSY5qNpiLtLbUZNd1qapk

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167
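
The hashes and C2 addresses above are the report's actionable indicators. The following is an added example (not part of the report or of Triage's tooling) of how to sweep for them: it streams a file once through MD5/SHA-1/SHA-256 and compares against the published digests, and it scans firewall or proxy lines for the two C2 addresses. The log lines are constructed for the demonstration; the IPv4 look-around guard is there so that a longer address such as 145.139.105.171 does not match 45.139.105.171 by substring.

```python
"""IOC sweep for the nymaim sample above. Added example, not from the report.
Digests and C2 addresses are copied from the report; log lines are constructed."""
import hashlib
import re

# File hashes published in the report (all for the same file.exe).
FILE_HASHES = {
    "md5": "78d89fdf874dd2cd6d9a7228f9c160bf",
    "sha1": "7b5a4054937bb06bea4f8e2e25355fb8742f3ee3",
    "sha256": "05145111f2c41becbc8974534f8b510cdd11497982c3620b1ff0f9266cce89c0",
}
# C2 addresses extracted from the sample's configuration.
C2_IPS = {"45.139.105.171", "85.31.46.167"}


def _digest_stream(chunks):
    """Feed every chunk to all three hashers so the input is read only once."""
    algos = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    for chunk in chunks:
        for h in algos.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in algos.items()}


def hashes_of_bytes(data):
    """Digests of an in-memory buffer (handy for tests and small blobs)."""
    return _digest_stream([data])


def hashes_of(path, chunk_size=1 << 20):
    """Digests of a file on disk, read in 1 MiB chunks."""
    with open(path, "rb") as fh:
        return _digest_stream(iter(lambda: fh.read(chunk_size), b""))


def match_hashes(digests, iocs=FILE_HASHES):
    """Algorithms whose digest equals the IOC value (case-insensitive), sorted."""
    return sorted(a for a, d in digests.items()
                  if iocs.get(a, "").lower() == d.lower())


# Look-arounds reject a dotted quad embedded in a longer one (e.g. 145.139.105.171).
_IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


def find_c2_hits(log_lines, c2_ips=C2_IPS):
    """Return (line_number, ip) for every C2 address seen in the log lines."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for ip in _IPV4.findall(line):
            if ip in c2_ips:
                hits.append((n, ip))
    return hits


# Constructed firewall lines (not from the report) exercising the matcher.
SAMPLE_LOG = [
    "2023-01-11T10:02:13Z allow tcp 10.0.0.15:49211 -> 45.139.105.171:80",
    "2023-01-11T10:02:14Z allow tcp 10.0.0.15:49212 -> 145.139.105.171:443",
    "2023-01-11T10:02:19Z allow tcp 10.0.0.22:50133 -> 85.31.46.167:80",
    "2023-01-11T10:02:20Z allow udp 10.0.0.15:53412 -> 10.0.0.1:53",
]

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, match_hashes(hashes_of(path)) or "no hash match")
    print(find_c2_hits(SAMPLE_LOG))
```

Run it with one or more file paths to check them against the report's digests; the C2 scan over the constructed lines reports lines 1 and 3 only, since line 2 carries a different address that merely ends with the same digits.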

Targets

    • Target

      file.exe

    • Size

      1.3MB

    • MD5

      78d89fdf874dd2cd6d9a7228f9c160bf

    • SHA1

      7b5a4054937bb06bea4f8e2e25355fb8742f3ee3

    • SHA256

      05145111f2c41becbc8974534f8b510cdd11497982c3620b1ff0f9266cce89c0

    • SHA512

      656969f849e71a3f75d2eb32fc1b2ea8e8496a762d83979e590c6965e4fece3f19fee6ec3aaa445b6294e527f725963530409c0b3d8f5941cc120ac6026df09d

    • SSDEEP

      24576:q20IxsuZ0aBbQv9xeiVPmRlSNMj5qNpiLtLbUZFxIEgXC75ld1qSVpk:q2KniQjuSY5qNpiLtLbUZNd1qapk

    Score
    10/10
    • NyMaim

      NyMaim is a malware family with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
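
The four signatures above describe host behaviour rather than static indicators, so they are reproduced here as detection logic over Sysmon-style events. This is an added example, not the sandbox's own rule set: the event records, paths and pids are constructed, the report does not name the registry keys, so the Geo\Nation path and the threshold of five Uninstall subkeys (to separate enumeration from an installer reading its own entry) are assumptions, and "dropped" is taken to mean a file written earlier by a process in the sample's tree.

```python
"""Behavioural checks for the four signatures above, replayed over constructed
Sysmon-style events. Added example; events, paths, pids and keys are assumed."""
from collections import defaultdict

# Assumed key fragments (lower-case substring match against the queried key).
GEO_KEY = r"\control panel\international\geo"           # HKCU value "Nation" holds the GeoID
UNINSTALL_KEY = r"\microsoft\windows\currentversion\uninstall"
UNINSTALL_THRESHOLD = 5   # distinct subkeys one process must read before we call it enumeration


def evaluate(events, root_pid):
    """Replay ordered events and return {signature name: [evidence, ...]}.

    Only processes in the sample's tree (root_pid and its descendants) count;
    unrelated system activity is ignored.  Event shapes are shown in SAMPLE_EVENTS.
    """
    tracked = {root_pid}            # pids belonging to the sample's process tree
    dropped = {}                    # lower-case path -> pid that wrote the file
    uninstall_reads = defaultdict(set)
    hits = defaultdict(list)
    for ev in events:
        if ev["pid"] not in tracked:
            continue
        kind = ev["type"]
        if kind == "FileCreate":
            dropped[ev["path"].lower()] = ev["pid"]
        elif kind == "ProcessCreate":
            tracked.add(ev["child_pid"])
            if ev["image"].lower() in dropped:
                hits["Executes dropped EXE"].append(ev["image"])
        elif kind == "ImageLoad":
            image = ev["image"].lower()
            if image in dropped and image.endswith(".dll"):
                hits["Loads dropped DLL"].append(ev["image"])
        elif kind == "RegistryQuery":
            key = ev["key"].lower()
            if GEO_KEY in key:
                hits["Checks computer location settings"].append(ev["key"])
            elif UNINSTALL_KEY in key:
                # Count distinct first-level subkeys under Uninstall per process.
                sub = key.split(UNINSTALL_KEY, 1)[1].strip("\\")
                if sub:
                    uninstall_reads[ev["pid"]].add(sub.split("\\")[0])
    for pid, subs in uninstall_reads.items():
        if len(subs) >= UNINSTALL_THRESHOLD:
            hits["Checks installed software on the system"].append(
                f"pid {pid}: {len(subs)} Uninstall subkeys read")
    return dict(hits)


TEMP = r"C:\Users\victim\AppData\Local\Temp"

# Constructed event stream (not from the report): the sample is pid 1000.
SAMPLE_EVENTS = [
    {"type": "RegistryQuery", "pid": 1000, "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "FileCreate", "pid": 1000, "path": TEMP + r"\stage2.exe"},
    {"type": "FileCreate", "pid": 1000, "path": TEMP + r"\helper.dll"},
    {"type": "ProcessCreate", "pid": 1000, "child_pid": 1040, "image": TEMP + r"\stage2.exe"},
    {"type": "ImageLoad", "pid": 1040, "image": TEMP + r"\helper.dll"},
    {"type": "ImageLoad", "pid": 1040, "image": r"C:\Windows\System32\kernel32.dll"},
] + [
    {"type": "RegistryQuery", "pid": 1040,
     "key": rf"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{{{i:08d}}}\DisplayName"}
    for i in range(6)
] + [
    # Unrelated process reading a single Uninstall entry: outside the tree, never counted.
    {"type": "RegistryQuery", "pid": 2200,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"},
]

if __name__ == "__main__":
    for name, evidence in evaluate(SAMPLE_EVENTS, 1000).items():
        print(f"{name}: {evidence}")
```

Replaying the constructed stream from pid 1000 raises all four signatures; replaying it from the unrelated pid 2200 raises none, because one Uninstall lookup by a process outside the tree is ordinary installer behaviour and stays below the enumeration threshold.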

MITRE ATT&CK Enterprise v6