General
-
Target
9bb79f1e5648649eb951b96233880a66967a2ced5dac6f4bfa8f4207c33f38e3
-
Size
1.6MB
-
Sample
231213-1cj6dahdhn
-
MD5
78f5281e9e0b50cbcc53cea6202d07cd
-
SHA1
0ba2216dee56619e1fb396db92d35e24a80fdf15
-
SHA256
9bb79f1e5648649eb951b96233880a66967a2ced5dac6f4bfa8f4207c33f38e3
-
SHA512
a43167c298d30b649b22740d7d577a0f76b6fb1887dcf0585df0e735e0039dc8056aea5355a2f3cd0a695de644c09b601c9a292fcc2577c4b8f4b8107668f736
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
9bb79f1e5648649eb951b96233880a66967a2ced5dac6f4bfa8f4207c33f38e3.exe
Resource
win10-20231129-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
-
-
Target
9bb79f1e5648649eb951b96233880a66967a2ced5dac6f4bfa8f4207c33f38e3
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-