General
-
Target
33ff8752083bf6b5105749bf5b772b4a.exe
-
Size
18.3MB
-
Sample
240926-l4fvpstgjh
-
MD5
33ff8752083bf6b5105749bf5b772b4a
-
SHA1
01f8869d2fcd4ff1184dfc956905e01eb15f0d92
-
SHA256
ee6ee03724690a677d4bf2610ea86d94eaeb94068d627fe36ec2f0353cc1c9ba
-
SHA512
26445b94571fb374b57bb0ee129a8e7fc624e7c3d315a6a6fc0f165f33fa593e90932ef4e5bb0faa7b91f9f1647fc62d1027e7bc58947da4ecdde11745104c7a
-
SSDEEP
49152:Ix1BZ/3KMJESGkP9bKJPUyN1RL7HDUq1373ht:+bZ/6JSGkPRwPU2R3Q63h
Static task
static1
Behavioral task
behavioral1
Sample
33ff8752083bf6b5105749bf5b772b4a.exe
Resource
win7-20240903-en
Malware Config
Extracted
risepro
3.36.173.8:50500
Targets
-
-
Target
33ff8752083bf6b5105749bf5b772b4a.exe
-
Size
18.3MB
-
MD5
33ff8752083bf6b5105749bf5b772b4a
-
SHA1
01f8869d2fcd4ff1184dfc956905e01eb15f0d92
-
SHA256
ee6ee03724690a677d4bf2610ea86d94eaeb94068d627fe36ec2f0353cc1c9ba
-
SHA512
26445b94571fb374b57bb0ee129a8e7fc624e7c3d315a6a6fc0f165f33fa593e90932ef4e5bb0faa7b91f9f1647fc62d1027e7bc58947da4ecdde11745104c7a
-
SSDEEP
49152:Ix1BZ/3KMJESGkP9bKJPUyN1RL7HDUq1373ht:+bZ/6JSGkPRwPU2R3Q63h
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates processes with tasklist
-
Suspicious use of SetThreadContext
-