General
-
Target
7b5f6b5df3e4a4035657e1d125ea62603f036b3b82d3db3f73c86dfb7794190a
-
Size
1.6MB
-
Sample
231213-24vxmaaack
-
MD5
aea50b68c11c05f1843d870189d017ea
-
SHA1
214eeb2800fabf91f84d6558c9b765cc4a2ff106
-
SHA256
7b5f6b5df3e4a4035657e1d125ea62603f036b3b82d3db3f73c86dfb7794190a
-
SHA512
9164d1adafc302f2b87f2d0c5ce31ebc8db13fdcf9cf072686bfaa1499e94cb3a7312a5c9db0a3c7ab85f7c44ce9a4edd6db3879b1aa8d114cd37f2338acd75b
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
7b5f6b5df3e4a4035657e1d125ea62603f036b3b82d3db3f73c86dfb7794190a.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-