nymaim | 89766517d1ae27789659bf5077acd8e33af2d921b8e00a2d340c7e3225f3b96e | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

1.5MB
Sample

230113-bnyepsge9z
MD5

318ca96c7576eb3132c6afffdb233727
SHA1

1f59b5c0d6c4b568d9c5b1059e374a02ac25442b
SHA256

89766517d1ae27789659bf5077acd8e33af2d921b8e00a2d340c7e3225f3b96e
SHA512

28e412985cf59319b17cef272213be4a259e40c8fc3b6f09fb3bf06c1fcab2ee3e54815da748bcf2a94045c6a916732f1eb2b17b66762a7898ff50a4d4222e3f
SSDEEP

24576:220Sx+fkcy8bxvWQFCt7baWgFIswoh/MkKdvsiigXC75ld1qSVpk:228s7oxeQcbanFIswUGlmd1qapk

Score

10^/10

nymaim discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220901-en

nymaim discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

nymaim discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

nymaim

C2

45.139.105.171

85.31.46.167

Targets

- Target
  
  file.exe
- Size
  
  1.5MB
- MD5
  
  318ca96c7576eb3132c6afffdb233727
- SHA1
  
  1f59b5c0d6c4b568d9c5b1059e374a02ac25442b
- SHA256
  
  89766517d1ae27789659bf5077acd8e33af2d921b8e00a2d340c7e3225f3b96e
- SHA512
  
  28e412985cf59319b17cef272213be4a259e40c8fc3b6f09fb3bf06c1fcab2ee3e54815da748bcf2a94045c6a916732f1eb2b17b66762a7898ff50a4d4222e3f
- SSDEEP
  
  24576:220Sx+fkcy8bxvWQFCt7baWgFIswoh/MkKdvsiigXC75ld1qSVpk:228s7oxeQcbanFIswUGlmd1qapk
Score

10^/10

nymaim discovery trojan
- NyMaim
  NyMaim is a malware with various capabilities written in C++ and first seen in 2013.
  trojan nymaim
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

nymaimdiscoverytrojan

behavioral2

nymaimdiscoverytrojan

© 2018-2024

Terms | Privacy