General
Target: Nova+cheet.exe
Size: 3.1MB
Sample: 240820-e1qr6sxbkr
MD5: 0ae6edb095534fde7de49e56a9922130
SHA1: 2b91b6119c0cfa5388c3472d12103f68e04d16ba
SHA256: b92565384c66a5863bb786681503fc2d3cb61ceef0766f763345c8789c2f9806
SHA512: e3d1d0ca398793a16eb2c3296231a0ee01484e4ae2316dd3e52ba89ccc59a3a87b50aeb7f7bfff00d6d8f74af2937bea8b7d7aa77658f43b1b8bab547444fbb5
SSDEEP: 49152:avQt62XlaSFNWPjljiFa2RoUYIgxRJ6ybR3LoGdgTHHB72eh2NT:avc62XlaSFNWPjljiFXRoUYIgxRJ6s
Behavioral task: behavioral1
Sample: Nova+cheet.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: Nova+cheet.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
quasar
1.4.1
Nozims cheat
192.168.1.169:4782
dc6a28df-c0c1-4e0c-adc8-2512fecff7dc
encryption_key: 03695FA5D11447330420485DB9FD166A251AB067
install_name: Nozim.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Java Updater
subdirectory: Nozim
Targets
Target: Nova+cheet.exe
Score: 10/10
Quasar payload