Static task
static1
Behavioral task
behavioral1
Sample
Novage New Purchase Order.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Novage New Purchase Order.exe
Resource
win10v2004-20240419-en
General
-
Target
Novage New Purchase Order.7z
-
Size
365KB
-
MD5
4b58788393ed34d4b9451e48bffd1090
-
SHA1
7318f3389033ad0855454219eb488343a5726121
-
SHA256
eac92a3c12d89e77ea81e69f157c6d338ef67fc1cac500fe817a0091950da1b5
-
SHA512
7826a4e97d6a4e38e4f6e868132a1844da083e6822b1caaf09b2a3d17c4d49ee567e1789f6fe135933f01cf72b2da7d188d077f3438f1b9e2cbb9d019e0c85d0
-
SSDEEP
6144:2H/8ZyGgvEZ9+tS+y7i2niw0fIt4ApNkMW+jyyKNqdRYnIrgeRWrZ9E3rC6:2H/8Z9gvEyS+yUw0fISSNk2wNqFgeRWS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Novage New Purchase Order.exe
Files
-
Novage New Purchase Order.7z.7z
-
Novage New Purchase Order.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 335KB - Virtual size: 335KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ