General
-
Target
04dc18e95573df9003fa803e9292c7ebf942098196eec9f3e0d966300ea6d013
-
Size
1.6MB
-
Sample
231213-22kc4sbea9
-
MD5
08129c6bb9587ff34b206aecf348ee44
-
SHA1
032d5e725335cf727c4bb281d2381d5a6f8a0700
-
SHA256
04dc18e95573df9003fa803e9292c7ebf942098196eec9f3e0d966300ea6d013
-
SHA512
77260386ac67ae3f89ce8b17360cc2f1ba25219787d00b4e90b1a165c81e4fba5077f8310b66ba0f34984e2e70e17d877c844f2325d79945930c0a9f6450d21c
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
04dc18e95573df9003fa803e9292c7ebf942098196eec9f3e0d966300ea6d013.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-