General
Target: NovaFix.exe
Size: 15.8MB
Sample: 241116-rnk3daxkez
MD5: 17660ffd18fea1aef4b0211aa64eadaf
SHA1: c490b67db3ca9b660bdd75e9289a6320c8468356
SHA256: 848db7fd2e97fc55b86ea5b52db37680f1f7f80e0940483002d7e903266180d7
SHA512: bda84e8618df836bc287cd676eb8894ea76ada0df120f7f3697bf8eb6089d74e19c3141b57d32811c8edbee610b9347e40c0c1e78072bbfe2d70b71e5652857f
SSDEEP: 393216:uiIE7Yo9+4uOwKntpUTLfhJsW+eGQRe9jo7BGcG/3JrO0WCWLu:v7r9+RONHUTLJSW+e5Re9M0VWLu
Behavioral task
behavioral1
Sample: NovaFix.exe
Resource: win11-20241007-en
Malware Config
Targets
Target: NovaFix.exe
Score: 7/10
Drops startup file
Loads dropped DLL
Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
Accesses cryptocurrency files/wallets, possible credential harvesting
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Enumerates processes with tasklist