MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d9674f4ece2b65ed5f0c305e2d208d69381cbf56c47251a1af279c5d8e73c388. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


NovaSentinel


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments 2
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d9674f4ece2b65ed5f0c305e2d208d69381cbf56c47251a1af279c5d8e73c388
SHA3-384 hash: a03345a7867c6903c856930a7dd98c9b7dcc2cd2d4203fd6a7b23d02c149fdd85c4130ab18b59dba4c35e993288a06c5
SHA1 hash: c749e667aedee22b5011f1aada31de68fd720302
MD5 hash: 35aa93ea645d612e4555909d4d7f7131
humanhash: spring-steak-minnesota-zulu
File name:Mauqes.rar
Download: download sample
Signature NovaSentinel
Create hunting rule
File size:85'574'296 bytes
First seen:2024-03-27 20:56:08 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
Note:This file is a password protected archive. The password is: beta_EKhZFa
ssdeep 1572864:824/hv0rs5i4MvL1URnWUTy0RCnWx3Z59fZREoKF83AnuUvwMqWLtJZIM8GjB:8245v0AiCWU+0ZxD9fZRTK1ptL9R8GN
TLSH T18D18338BF2187C837EB331064D500CD5AE94DF5373E6A6B130495B3AED47A4D738AA62
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Reporter e24111111111111
Tags:Malicord Nova Stealer NovaSentinel pw-beta_EKhZFa rar


Avatar
e24111111154168
Distributed via: www.gamerforyou.com

Intelligence

File Origin
# of uploads :
1
# of downloads :
133
Origin country :
GR GR
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:Mauqes.exe
File size:85'434'784 bytes
SHA256 hash: 8305434b29b81ac25ca20fb395ba48228a76730c157d18dedfb2c1fbf647639f
MD5 hash: cb8cbeab02df3d109ca05e03a93dc0dd
MIME type:application/x-dosexec
Signature NovaSentinel
Vendor Threat Intelligence
Gathering data
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/d9674f4ece2b65ed5f0c305e2d208d69381cbf56c47251a1af279c5d8e73c388
Result
Verdict:
MALICIOUS
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=3ftu6twofns62xymgbpc2ienne4bzp2wyrzfdinpe6of3dttyoea._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

NovaSentinel

rar d9674f4ece2b65ed5f0c305e2d208d69381cbf56c47251a1af279c5d8e73c388

(this sample)

NovaSentinel

Executable exe 8305434b29b81ac25ca20fb395ba48228a76730c157d18dedfb2c1fbf647639f

  
Dropping
SHA256 8305434b29b81ac25ca20fb395ba48228a76730c157d18dedfb2c1fbf647639f
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/2794528/

Comments


Avatar
commented on 2024-03-27 21:06:39 UTC

https://malpedia.caad.fkie.fraunhofer.de/details/win.nova

Avatar
commented on 2024-03-27 21:00:06 UTC

Hawkish Grabber C2: hawkish.fr