Extracted

• • Target

    file.exe

  • Size

    1.5MB

  • MD5

    c0fd07553cf811cca30558dfff08dc42

  • SHA1

    1dc57a4ec51025cd0adf7f07ae87fd8f8ccb0d07

  • SHA256

    22f55b6fb8f67efba66e66cdb0ae32fd0e93c4e29e855c6794ebd2e854b49b5e

  • SHA512

    133f9f6f9ec1d2d4ff47f46b6bf0da792faded0f247c91179b65ca8a119f9d6e8a781b9a8d2b5f2cfa3fc0df229b76caa90e629891f3a036e63488819b039cd9

  • SSDEEP

    24576:220Sx+VsSXLxNF1/bC54AOtipMhb3x1mm52qjhSOpZIVwzOy6fvqpIgXC75ld1qP:2287XtP1TCaAQGPqjYfyOd1qapk

  Score

  10^/10

  nymaimdiscoverytrojan

  • NyMaim

    NyMaim is a malware with various capabilities written in C++ and first seen in 2013.

    trojannymaim

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2