General
-
Target
50e5f2574b3a16fcae7935ad0f04fc690cd65049ab09b637425b6e83b4622c42
-
Size
1.6MB
-
Sample
231213-3r3blsbff3
-
MD5
f19923d368db30d215eba2260c572701
-
SHA1
885578c5bd1ee4d8c9959343623108aca4198c7a
-
SHA256
50e5f2574b3a16fcae7935ad0f04fc690cd65049ab09b637425b6e83b4622c42
-
SHA512
a6c0d675cbe1a15263ceae7985a11b86c96c37081559e75e5901f609f6751837e567895aec6845b0fdd31b5ff7c7b1ee59ab551c834c8b4c0ebca214f8bf604b
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
50e5f2574b3a16fcae7935ad0f04fc690cd65049ab09b637425b6e83b4622c42.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Target
50e5f2574b3a16fcae7935ad0f04fc690cd65049ab09b637425b6e83b4622c42
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-