Extracted

• • Target

    file.exe

  • Size

    1.4MB

  • MD5

    5b34a173752f5bb03d4f9acdd653a1c7

  • SHA1

    e009a59290c5a40a90b805ac50ed9ef4d7df3f39

  • SHA256

    01c8911e5590b9815807257eb199ec4339a5f1afd4535303bc29ad03721c7153

  • SHA512

    f0cf9f1df90caa9e833d305774385594d2dae279b3ffddfdf1d4c4c12da70890e699cb98c5d3a4d1ccb00ecba97ac535efb7da1a9ce68ffa9e24e1ef518ed506

  • SSDEEP

    24576:q20IYdFlOtm5bMV0arCkdP682FgOADpaE/z49PkV8bV8G8P7PtTlpk1gXC75ld1s:q22n38wUDAE749PkV8bVf6RTAld1qapk

  Score

  10^/10

  nymaimdiscoverytrojan

  • NyMaim

    NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    trojannymaim

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2