75538b5146169c7ec795100e43b5f7b3e3fd32d8abf5a86b8ecb14a415f1f979 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Rise installer.exe

windows7-x64

7

Rise installer.exe

windows10-2004-x64

7

Sharing

General

Target

Riseinstaller.zip
Size

20.1MB
Sample

240428-t3lcssbh38
MD5

f62ad87c92cb19928da364ecc744bfcd
SHA1

f4458e44dc244ab051d09311e1dbb9e29d58a42b
SHA256

75538b5146169c7ec795100e43b5f7b3e3fd32d8abf5a86b8ecb14a415f1f979
SHA512

adb0a79dedf1354b96a1c6b8c2c251518d9298475fa4336477494fc105f4b37bc2764bd72c5ea3608b2b97a7cbb75c0bd319788d78d53d4e78aa1c356003f5a7
SSDEEP

393216:MVWseIsxdLo7nZ+5AzGdtUCsdolWllWkBbgrpLoDnMRHpa3vMH0T:qW0sxd87n4l3UCsKlcWkBgrsnOJcvMHA

Score

7^/10

pyinstaller spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Rise installer.exe

Resource

win7-20240419-en

windows7-x64

8 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Rise installer.exe

Resource

win10v2004-20240419-en

spyware stealer

windows10-2004-x64

16 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Rise installer.exe
- Size
  
  20.4MB
- MD5
  
  856459997fb96b62ef09c90e4769d7e1
- SHA1
  
  d28447c5a7fe075bc60865ea136d4ea78ed81f00
- SHA256
  
  b37b9294b5fa79b355bc2df0c79e1e9a6e53a7e043e626b8703074009542f26d
- SHA512
  
  7d8afd31b5392bd1eacd0b5a92e3a16ede4bce53bf4d0836eb63bb657f05ebfa129369ad0e40a2843fccf956257b02e40f4e79c8724d8a4343388a30c2c43ab7
- SSDEEP
  
  393216:wEkZQtsukT+X0P8AxYDX1+TtIiFqCuARuAQhFXmbrr7PzWF56uA:whQtsX6XX71QtI1CuAgh8rXCL6uA
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy