General
Target
e1500ec47493454d43407403f0bcb6c931ed24dcc650d4ee05114f235a1f794c
Size
1.6MB
Sample
231213-1svbaahehq
MD5
cf9707fb4820f61202d2f2716d177c2c
SHA1
23c6a0f1800abb17004684ee9c73ea41020c06ce
SHA256
e1500ec47493454d43407403f0bcb6c931ed24dcc650d4ee05114f235a1f794c
SHA512
cde77f9f6e76ab049c47b142e854cbbf7b408f44d8b2c8b31fb5e486885ea8a324fb4eb1c3780e4767e90417f1bc35057b3455d39acbcf21eb1cca31eec634d5
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
e1500ec47493454d43407403f0bcb6c931ed24dcc650d4ee05114f235a1f794c.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score
7/10
Drops startup file
Accesses Microsoft Outlook profiles
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Drops file in System32 directory