Overview

overview

7

Static

static

3

Rise 6.0.22 Crack.zip

windows10-1703-x64

1

Rise/Rise.jar

windows10-1703-x64

7

Rise/Rise.json

windows10-1703-x64

3

Rise/nativ...32.dll

windows10-1703-x64

1

Rise/nativ...64.dll

windows10-1703-x64

1

Rise/nativ...51.dll

windows10-1703-x64

1

Rise/nativ...x8.dll

windows10-1703-x64

1

Rise/nativ...64.dll

windows10-1703-x64

1

Rise/nativ...aw.dll

windows10-1703-x64

1

Rise/nativ...64.dll

windows10-1703-x64

1

Rise/nativ...ab.dll

windows10-1703-x64

1

Rise/nativ...64.dll

windows10-1703-x64

1

Rise/nativ...tv.dll

windows10-1703-x64

1

Rise/nativ...gl.dll

windows10-1703-x64

3

Rise/nativ...64.dll

windows10-1703-x64

1

Rise/nativ...-0.dll

windows10-1703-x64

1

Rise/nativ...dk.dll

windows10-1703-x64

1

RiseAuth/R...nd.jar

windows10-1703-x64

7

RiseAuth/start.bat

windows10-1703-x64

7

Analysis

  • max time kernel
    1813s
  • max time network
    1821s
  • platform
    windows10-1703_x64
  • resource
    win10-20231023-en
  • resource tags

    arch:x64arch:x86image:win10-20231023-enlocale:en-usos:windows10-1703-x64system
  • submitted
    04/11/2023, 19:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Rise/natives/swresample-ttv-0.dll

  • Size

    352KB

  • MD5

    052592f7f5afaf2b6b470c4b94c84ca8

  • SHA1

    25d1923a17511a9fc1ef56c510dfb63621826274

  • SHA256

    d2e299de60803d5c4f869b45a3c9f9eff3876dd466bfc5b8071bf34ef592afea

  • SHA512

    b14710a6d95411023c13e54e90f53fbc1f78d7a3f3d996e4350724d434ca4b4b45659320b4d4d7e93b8b2cf518bf9796d512590f1b30c69073d5ebdea4c5e345

  • SSDEEP

    3072:OFTS5DqPnuK3AvKL9RD9GUyz35FIh7J7TVN6wqqKdotybndA9njSLhtNsMKVCAkp:OeDqPuPKL9RcUyz3iavt35Ak4za

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Rise\natives\swresample-ttv-0.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1636
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1636 -s 280
      2⤵
        PID:4776

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1636-0-0x0000000065980000-0x00000000659D6000-memory.dmp

            Filesize

            344KB

            Download

          • memory/1636-1-0x0000000070A40000-0x0000000070ADC000-memory.dmp

            Filesize

            624KB

            Download