General
-
Target
98b7f38730386d8dca3810f977d88f2f44b1a5d66dab2b139b527cb8fc29e955
-
Size
1.6MB
-
Sample
231213-3x742sbfg5
-
MD5
4431841ec99f4d0f6f1913b7fb996c1a
-
SHA1
9eb835563739e6e658cf7c1f6721524940903537
-
SHA256
98b7f38730386d8dca3810f977d88f2f44b1a5d66dab2b139b527cb8fc29e955
-
SHA512
dfdbe54704e5cce98a745ca359f5f0b95184de1a01b030acc09b12dbe947b9c2455079ca58f0c3d69f7423bb5965e482c13ed8c784f1d0202cc716f82259967b
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
98b7f38730386d8dca3810f977d88f2f44b1a5d66dab2b139b527cb8fc29e955.exe
Resource
win10-20231023-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
-
-
Target
98b7f38730386d8dca3810f977d88f2f44b1a5d66dab2b139b527cb8fc29e955
-
Size
1.6MB
-
MD5
4431841ec99f4d0f6f1913b7fb996c1a
-
SHA1
9eb835563739e6e658cf7c1f6721524940903537
-
SHA256
98b7f38730386d8dca3810f977d88f2f44b1a5d66dab2b139b527cb8fc29e955
-
SHA512
dfdbe54704e5cce98a745ca359f5f0b95184de1a01b030acc09b12dbe947b9c2455079ca58f0c3d69f7423bb5965e482c13ed8c784f1d0202cc716f82259967b
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Score7/10-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-