nymaim | 4da15dc32bdeb9405b224478c190a55265d2b0c8a6f38dac35aa4ba032b33f56 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file
Size

1.7MB
Sample

230112-mxlcaabe7t
MD5

0147dae786453ffdd3605ea7f63d89ae
SHA1

0563fb8d0cc99e21ced82f228fc33e95fa400089
SHA256

4da15dc32bdeb9405b224478c190a55265d2b0c8a6f38dac35aa4ba032b33f56
SHA512

cb8be85072b10db386b80691f87fe15c1b4c74e07a95616565af9f3fbb4d8cde27dce2ef72e0915a12f321af9209581e2aa2058bbfab9e29dc9cb262b6f8f9f7
SSDEEP

49152:228R46ukhWQRQ9TKzlmGPmI90qMd1qapk:P2ukhW3GzlmGPmIqBd1Zi

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20221111-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220812-en

nymaim discovery trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file
- Size
  
  1.7MB
- MD5
  
  0147dae786453ffdd3605ea7f63d89ae
- SHA1
  
  0563fb8d0cc99e21ced82f228fc33e95fa400089
- SHA256
  
  4da15dc32bdeb9405b224478c190a55265d2b0c8a6f38dac35aa4ba032b33f56
- SHA512
  
  cb8be85072b10db386b80691f87fe15c1b4c74e07a95616565af9f3fbb4d8cde27dce2ef72e0915a12f321af9209581e2aa2058bbfab9e29dc9cb262b6f8f9f7
- SSDEEP
  
  49152:228R46ukhWQRQ9TKzlmGPmI90qMd1qapk:P2ukhW3GzlmGPmIqBd1Zi
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

nymaimdiscoverytrojan

© 2018-2024

Terms | Privacy