General

  • Target

    file.exe

  • Size

    1.4MB

  • Sample

    230112-dblaqafa32

  • MD5

    ca90601142322919132754580343a814

  • SHA1

    aa69926637308216f17ddf78a9cdb2efa8f4ba52

  • SHA256

    5719014741a52b2f33b20ff98a16f00f993cc88f2d3780ec36d1217698c34e79

  • SHA512

    8b168bc2ba25ab6fddbac7fdecd86ba106e73f7dac12f26b313012c8868b5f0251c086b2b249550211f4174fc01864da9252a27ba71904ad8854abde7ddbf378

  • SSDEEP

    24576:q20IvwVcYQlaAOh2j54WCfTReU4tbs5JA1GN+jOdzVz5gXC75ld1qSVpk:q2oiYQlaAjXCfTReU4w5JwGhxVzRd1qP

Score
10/10

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

    • NyMaim

      NyMaim is malware with various capabilities, written in C++ and first seen in 2013.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6