General
Target: 6a8bab5f7568c4fd75d62ffd75907935725efa82ca3759154da5062e5a135d32
Size: 1.6MB
Sample: 231213-3xcm5sabgj
MD5: e63e2bd0906df58bf4bc8f535cd27881
SHA1: c7984a2fcc80900da0a050a64728ebf5dfbf5199
SHA256: 6a8bab5f7568c4fd75d62ffd75907935725efa82ca3759154da5062e5a135d32
SHA512: 981c4263eab1bb5053f4b4261516279014791d5c6649878f27bc0b4f8fc6357ba504949ea15796287e37ebd6ccc65077f376c6ecc0140dc1251a988d91b509f6
SSDEEP: 49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample: 6a8bab5f7568c4fd75d62ffd75907935725efa82ca3759154da5062e5a135d32.exe
Resource: win10v2004-20231127-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
Score: 7/10

Drops startup file

Accesses Microsoft Outlook profiles

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Drops file in System32 directory