nymaim | cd7e585c5210c79d6970caf6a55bb27bcdf1776e4a99a81974159a5a2c9ee58d | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

1.2MB
Sample

230111-vjj63ade98
MD5

85a1e598ffd0f3278ac583bf1a13f5c1
SHA1

54803894af791506f75c6c44b1e07d89c8bae9d6
SHA256

cd7e585c5210c79d6970caf6a55bb27bcdf1776e4a99a81974159a5a2c9ee58d
SHA512

ebca9ba5350c00b794082e4b55140d37fe1cb478d7d96027ad355e254d4c73eee629b767903cc74ec61eda54376b9e5a6054762cb1a4de25c9a47f7a24606183
SSDEEP

24576:q20ID/3U1fOQHD5DAb4WhjJf5JszgRz+hYxPgXC75ld1qSVpk:q2z3Yw4+f5Jf9m2d1qapk

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20221111-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

nymaim discovery trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  1.2MB
- MD5
  
  85a1e598ffd0f3278ac583bf1a13f5c1
- SHA1
  
  54803894af791506f75c6c44b1e07d89c8bae9d6
- SHA256
  
  cd7e585c5210c79d6970caf6a55bb27bcdf1776e4a99a81974159a5a2c9ee58d
- SHA512
  
  ebca9ba5350c00b794082e4b55140d37fe1cb478d7d96027ad355e254d4c73eee629b767903cc74ec61eda54376b9e5a6054762cb1a4de25c9a47f7a24606183
- SSDEEP
  
  24576:q20ID/3U1fOQHD5DAb4WhjJf5JszgRz+hYxPgXC75ld1qSVpk:q2z3Yw4+f5Jf9m2d1qapk
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

nymaimdiscoverytrojan

© 2018-2024

Terms | Privacy