General
-
Target
31a2a799fc0d1a0ea3c588b7518e2cc1a38b5d43e40ac32083bb1f2a542df441
-
Size
1.6MB
-
Sample
231213-1vb8gsbbb5
-
MD5
9990b3de44eadc210214a62c1928144d
-
SHA1
b85634453db35fbc47a542401911f17cb9d6d500
-
SHA256
31a2a799fc0d1a0ea3c588b7518e2cc1a38b5d43e40ac32083bb1f2a542df441
-
SHA512
bc0ea39ecbbc3777b55de74e6f48617ce2027a50c01666cac13ab6caff6a0b36541b41135557eb532e2a856b2d536a9d83fe20016145fbd7c4049b962bdd7efd
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
31a2a799fc0d1a0ea3c588b7518e2cc1a38b5d43e40ac32083bb1f2a542df441.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
-
Target
31a2a799fc0d1a0ea3c588b7518e2cc1a38b5d43e40ac32083bb1f2a542df441
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-