General
-
Target
f94b437dfd331be885753dd21a55045c6f44eab3a24718df7f3adfe87cd62788
-
Size
1.6MB
-
Sample
231213-1bejhahdgp
-
MD5
15565e9debf3ae9580371a03f45db549
-
SHA1
f72a44ec7a004bf052396d9bb5dee206b376465a
-
SHA256
f94b437dfd331be885753dd21a55045c6f44eab3a24718df7f3adfe87cd62788
-
SHA512
609e4c7d53b57f71123973af2701bda739a3a00dbd9f0f6458c50f8e79789bd44ac5827965932fe57df068b7b91f2da304183312301043a109e4136b97bf0f2f
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
f94b437dfd331be885753dd21a55045c6f44eab3a24718df7f3adfe87cd62788.exe
Resource
win10-20231023-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Target
f94b437dfd331be885753dd21a55045c6f44eab3a24718df7f3adfe87cd62788
Score 7/10
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-