Static task
static1
Behavioral task
behavioral1
Sample
novitec_ldr.exe
Resource
win10ltsc2021-20250113-en
General
Target
novitec_ldr.exe
Size
7.1MB
MD5
026a4dcb48fc7b933df2d0b0e0e8af7f
SHA1
7228438aaff696b4c2ac45111878eb07a73a352c
SHA256
c61e0b4135a35de8d17a9762cc6de64035a23184e8a52d044c1e3cea9c9ab3c2
SHA512
63ae1635ce0ee5a9eef74bb8a11f9af549c88c73f165f59cb7ad472c661477c48de9bd60ba4148553441de6dfb96d6c8600060911c5fa8241a354f3c09492ed3
SSDEEP
196608:xzWSvZ3F5of+dj1ryuYbzFn9HHoUVjm1idYG0jq:x6SvZV5bhYPp9nooh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource novitec_ldr.exe
Files
novitec_ldr.exe.exe windows:6 windows x64 arch:x64
c811b859ae31ad5c1a2fbbc1741fb403
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
d3dx11_43
D3DX11CreateShaderResourceViewFromMemory
d3d11
D3D11CreateDeviceAndSwapChain
ntdll
RtlUnwind
kernel32
QueryPerformanceFrequency
user32
FindWindowA
advapi32
RegOpenKeyExA
ws2_32
WSAGetLastError
imm32
ImmSetCompositionWindow
d3dcompiler_43
D3DCompile
dwmapi
DwmExtendFrameIntoClientArea
dbghelp
ImageNtHeader
Sections
.text Size: - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 354KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.KLM Size: - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.JL3 Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.m&X Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ