General
-
Target
dfabdb4823c17134a0fcced2a94bed5405f08a932239e380ad6703bd951c201d
-
Size
1.6MB
-
Sample
231213-3rr6msabdp
-
MD5
facc20e510d3b2ad60b2b68b15c3aebf
-
SHA1
4664e56f77c61b59b1187ab7db2c0a7118b634e0
-
SHA256
dfabdb4823c17134a0fcced2a94bed5405f08a932239e380ad6703bd951c201d
-
SHA512
224a5b35f33b103c25f95680dfdfc9a133dec840feeb82cb780351c8fbfeb3fd2e46762da00744ec58ae6cc6938d4c4baafe481422db3e8f117bee26d1797b8a
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
dfabdb4823c17134a0fcced2a94bed5405f08a932239e380ad6703bd951c201d.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Target
dfabdb4823c17134a0fcced2a94bed5405f08a932239e380ad6703bd951c201d
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-