General

  • Target

    NovaInstaller.exe

  • Size

    152.4MB

  • Sample

    230828-r5rw9abg44

  • MD5

    b22a99d3bcaec970a0ff099b095053fc

  • SHA1

    8f3ddffd78e901182382cd56994fab1e85171359

  • SHA256

    423ecb6f566708e142c7be0cbc1cb7475eb1f6c017c00799592a0a5a124ff13e

  • SHA512

    745b56187b4abf7fbf92cca79f85c436600a83caef7a88d9fa4d7870a425ac111e64d2920357d16018e1bdfb36197b155767a9095912367d2b8e1e2b7909188e

  • SSDEEP

    786432:zpj24RRx7jChNQNt/ZYLy/pGyjOy5l7y953zQ3TtLwSTRpf4P1wT1XKTTmBEA/rI:zN2ExfWNQNt/ZL3+jRuBQ

Score
8/10

Targets

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
