General
-
Target
cb88a206b455e67ffa9f64571af54481e8d3ea92efcaa89319a32858d5fa71ce
-
Size
1.6MB
-
Sample
231213-3p3jlabfe6
-
MD5
77fe60085611172b3d92fb0e3acf0154
-
SHA1
888d95cba2c41ece7cd4c3dd99d3fe3a59812438
-
SHA256
cb88a206b455e67ffa9f64571af54481e8d3ea92efcaa89319a32858d5fa71ce
-
SHA512
7e33354a8626dc36db93235cab38df49014c9a3eb6fea0f928166062cab02c0e078ee8263d3d463489167a576e6f20c738abf7e62ce4f44b5fb567e8b3a020e7
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
cb88a206b455e67ffa9f64571af54481e8d3ea92efcaa89319a32858d5fa71ce.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score 7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-