General
-
Target
21e756eac8338508e8572a5b0317648949bd84bd3a25953cd8ca4b6d080e342b
-
Size
1.6MB
-
Sample
231213-1bpz8shdgr
-
MD5
b00edb5b0c657cbae02fc4dde935e360
-
SHA1
7e26a05fa113b115069db6d35efc6e93bfe58c39
-
SHA256
21e756eac8338508e8572a5b0317648949bd84bd3a25953cd8ca4b6d080e342b
-
SHA512
51065382063f41c14415d670576da218d94f59983a87d5418483d179144c82c76c96eb35c6843789941ef75e00f86ce599cf7d03a7f267edc29583887e6bd504
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
21e756eac8338508e8572a5b0317648949bd84bd3a25953cd8ca4b6d080e342b.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Target
21e756eac8338508e8572a5b0317648949bd84bd3a25953cd8ca4b6d080e342b
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-