General
-
Target
85c11bd01b8d9a0984c864aaff7c54024fb678b3a09f83e80da954210f5922ad
-
Size
1.6MB
-
Sample
231213-21qhqsbea5
-
MD5
a91dd1a2a420fd5ce0e693788a2cf8e4
-
SHA1
e744f7f4d46ea3572f12841a6dcdb6a987950ae6
-
SHA256
85c11bd01b8d9a0984c864aaff7c54024fb678b3a09f83e80da954210f5922ad
-
SHA512
9ad31163aca0446ec2bb923c444fd526f8bb04d13160316c9cb685dd43c7c04c20a8d105e1040cef690def1d69fbc90403d6a5bc42e51069583bc3989c2c7336
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
85c11bd01b8d9a0984c864aaff7c54024fb678b3a09f83e80da954210f5922ad.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
-
-
Target
85c11bd01b8d9a0984c864aaff7c54024fb678b3a09f83e80da954210f5922ad
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-