General
-
Target
4fc243d1a50ea1ab9c4b5ff0b2846fc4f3b2ace149ed2f4b448a9c4b1a601cd0
-
Size
1.6MB
-
Sample
231213-3s7ygsabem
-
MD5
941de985da91931e537f850da6eaf497
-
SHA1
e29cc3378de57ee89c3fe43c6569f7e30f498966
-
SHA256
4fc243d1a50ea1ab9c4b5ff0b2846fc4f3b2ace149ed2f4b448a9c4b1a601cd0
-
SHA512
797f85283388b00da56693ab614b8588e59e4002fc6d6c556354a593dbb634afb13ed8069b90d97fd009a5f32a58e0862277b0f6bd3a82b0d1be7c19a4c49a74
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
4fc243d1a50ea1ab9c4b5ff0b2846fc4f3b2ace149ed2f4b448a9c4b1a601cd0.exe
Resource
win10v2004-20231130-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
-
-
Target
4fc243d1a50ea1ab9c4b5ff0b2846fc4f3b2ace149ed2f4b448a9c4b1a601cd0
-
Size
1.6MB
-
MD5
941de985da91931e537f850da6eaf497
-
SHA1
e29cc3378de57ee89c3fe43c6569f7e30f498966
-
SHA256
4fc243d1a50ea1ab9c4b5ff0b2846fc4f3b2ace149ed2f4b448a9c4b1a601cd0
-
SHA512
797f85283388b00da56693ab614b8588e59e4002fc6d6c556354a593dbb634afb13ed8069b90d97fd009a5f32a58e0862277b0f6bd3a82b0d1be7c19a4c49a74
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Score7/10-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-