General
Target: 4da6b59602ef79d3825c543736d4a020b9165431ac84091c1d748ea62845adbc
Size: 1.6MB
Sample: 231213-22t8babeb4
MD5: 10c5bca5b583ef1abdd35f78588ac13d
SHA1: 30b3916dfcdcd6600b14ba9628a16c74b00c1372
SHA256: 4da6b59602ef79d3825c543736d4a020b9165431ac84091c1d748ea62845adbc
SHA512: 4bd7f41485ced8b86f40e379d5f5282bc7b4114cb4d45c03b6cef7146f80c2fa1b69c4cf372cddd0358b5cd543a3803a0aa3af92df8f7aac9bb41c1305e06777
SSDEEP: 49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample: 4da6b59602ef79d3825c543736d4a020b9165431ac84091c1d748ea62845adbc.exe
Resource: win10-20231020-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score: 7/10
Drops startup file
Accesses Microsoft Outlook profiles
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Drops file in System32 directory