General
-
Target
2a360aa36e05e9cbf11687322ed4a2ffba77124517f8b5093d41c9807e47d6a7
-
Size
1.6MB
-
Sample
231213-1n26bshefp
-
MD5
c8e005cc7f27de13fb64ac5e3ebf13a5
-
SHA1
1bcb944727899ff176ffb2bcc7b99d3e1862f9b6
-
SHA256
2a360aa36e05e9cbf11687322ed4a2ffba77124517f8b5093d41c9807e47d6a7
-
SHA512
215c9abde130d6c0e62965ceaa38b59ad501d77e50f7249cbb217bcad93ad10cff00227b9c79f1d3deac3d820174e07b045b78373d2650ceffb8c660fbea632d
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
2a360aa36e05e9cbf11687322ed4a2ffba77124517f8b5093d41c9807e47d6a7.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-