NewActive.exe

General
Target

NewActive.exe

Size

3MB

Sample

201119-s3p5le3qh2

Score

8/10

MD5

f81c3a1b8349453e85f80b1ac56f44be

SHA1

0b7f75782b2a7de6b4183414680a55f7410c71d7

SHA256

dab82dbf7e6f18b280412c26c65959538a7c184aadab205e49813c2474dc0547

SHA512

3fe024bb8e93bec33a2ed911e13091c6784c4eb6710262bdea8a3614ec174e7ac51d9c4a1a38d4be4b3386e44b8155780e3565a8775da7170bb1fd83ab256cea

Signatures

  • Executes dropped EXE

  • UPX packed file

    Description: Detects executables packed with UPX/modified UPX open source packer.

  • Loads dropped DLL

  • Checks installed software on the system

    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs: Query Registry

MITRE ATT&CK Matrix

Collection | Command and Control | Credential Access | Defense Evasion | Discovery | Execution | Exfiltration | Impact | Initial Access | Lateral Movement | Persistence | Privilege Escalation

Tasks

  • static1

  • behavioral1: 8/10

  • behavioral2: 8/10