NewActive.exe

General
Target

NewActive.exe

Size

3MB

Sample

201119-s3p5le3qh2

Score
8 /10
MD5

f81c3a1b8349453e85f80b1ac56f44be

SHA1

0b7f75782b2a7de6b4183414680a55f7410c71d7

SHA256

dab82dbf7e6f18b280412c26c65959538a7c184aadab205e49813c2474dc0547

SHA512

3fe024bb8e93bec33a2ed911e13091c6784c4eb6710262bdea8a3614ec174e7ac51d9c4a1a38d4be4b3386e44b8155780e3565a8775da7170bb1fd83ab256cea

Malware Config
Targets
Target

NewActive.exe

MD5

f81c3a1b8349453e85f80b1ac56f44be

Filesize

3MB

Score
8 /10
SHA1

0b7f75782b2a7de6b4183414680a55f7410c71d7

SHA256

dab82dbf7e6f18b280412c26c65959538a7c184aadab205e49813c2474dc0547

SHA512

3fe024bb8e93bec33a2ed911e13091c6784c4eb6710262bdea8a3614ec174e7ac51d9c4a1a38d4be4b3386e44b8155780e3565a8775da7170bb1fd83ab256cea

Tags

Signatures

  • Executes dropped EXE

  • UPX packed file

    Description

    Detects executables packed with UPX/modified UPX open source packer.

    Tags

  • Loads dropped DLL

  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    Tags

    TTPs

    Query Registry

Related Tasks

behavioral1 behavioral2
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                      Privilege Escalation
                        Tasks

                        static1

                        behavioral1

                        8/10

                        behavioral2

                        8/10