Overview

overview

10

Static

static

10

NovaGenR6.exe

windows10-2004-x64

8

Resubmissions

27-10-2024 23:04

241027-22gl8askdn 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NovaGenR6.exe

  • Size

    8.2MB

  • Sample

    241027-22gl8askdn

  • MD5

    297e86edb932cf17b22a57efd0fde43b

  • SHA1

    f3e6ce9303d44e7b478f82c662db447cc868ad8a

  • SHA256

    7b19ef629c305578a400d7ad959639d0038da26b778a58fa338d5625fd031825

  • SHA512

    9e6d0f81d0f4a981d30767824965dc34c78c063d00ab589b60b588cad94ad1c9ab0710380b8379949e7bd7f76e26320bcf41db6f039275f0490fc0c560e939e8

  • SSDEEP

    196608:G7yRurErvI9pWjgaAnajMsbSEo2DfQC//OoBPmUb:KyRurEUWjJjIfco4jFvb

Score
10/10
blankgrabberdiscoveryexecutionupx

Malware Config

Targets

    • Target

      NovaGenR6.exe

    • Size

      8.2MB

    • MD5

      297e86edb932cf17b22a57efd0fde43b

    • SHA1

      f3e6ce9303d44e7b478f82c662db447cc868ad8a

    • SHA256

      7b19ef629c305578a400d7ad959639d0038da26b778a58fa338d5625fd031825

    • SHA512

      9e6d0f81d0f4a981d30767824965dc34c78c063d00ab589b60b588cad94ad1c9ab0710380b8379949e7bd7f76e26320bcf41db6f039275f0490fc0c560e939e8

    • SSDEEP

      196608:G7yRurErvI9pWjgaAnajMsbSEo2DfQC//OoBPmUb:KyRurEUWjJjIfco4jFvb

    Score
    8/10
    discoveryexecutionupx

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks