General
-
Target
c06eb1d8fee6a1550c90cd34ef8afee1020dc91c551e2915a424cf8ae2a9a825
-
Size
1.6MB
-
Sample
231213-2d99mabce6
-
MD5
d69e49490455dae27f2119051b4fe339
-
SHA1
148bda762b1eaa9d40ce92de5c78606416b6a63b
-
SHA256
c06eb1d8fee6a1550c90cd34ef8afee1020dc91c551e2915a424cf8ae2a9a825
-
SHA512
f403153ba7e0da3f6d0723a4b8d755074e87577c420ea3ae0b82d515b6893834af9d716ebf882f6137ef23189c1a1186f37cfb231d5be5a217a8c1cf030f06ec
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
c06eb1d8fee6a1550c90cd34ef8afee1020dc91c551e2915a424cf8ae2a9a825.exe
Resource
win10-20231020-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Target
c06eb1d8fee6a1550c90cd34ef8afee1020dc91c551e2915a424cf8ae2a9a825
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-