General
-
Target
34cbbe86f965b78040be17b8158c9fe114f29459f22c656d3e3fb7dd907db9d4
-
Size
1.6MB
-
Sample
231213-3xm4wabfg2
-
MD5
42920411ab63efb0b4b4879bf0b64f5e
-
SHA1
9967cd766de5095e9d9eec98e4a9146bd7d449a7
-
SHA256
34cbbe86f965b78040be17b8158c9fe114f29459f22c656d3e3fb7dd907db9d4
-
SHA512
a03f7b5f6891f7d0e0451989c844e2831ea15c1e4ff66ce62fca2aa3bc5b32b3f488268eb36de2293ae695afeb65e6a454e521e9e4c487688f578c9cbcfd1aa3
-
SSDEEP
49152:80ceOGgUYYEmluRKYoFh4kGWusbQnIyDi1E1uonTKi/OjCCNG:1XOGgUYC4RKXFhrusbaDkE1u
Behavioral task
behavioral1
Sample
34cbbe86f965b78040be17b8158c9fe114f29459f22c656d3e3fb7dd907db9d4.exe
Resource
win10-20231023-en
Malware Config
Extracted
risepro
193.233.132.51
Targets
-
Score
7/10
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-