General

  • Target

    82fcedb528a5e773323d4e9a698898388d2c56931a24df7f1899b0b9f5f87c3c

  • Size

    3.2MB

  • Sample

    231117-v45nhabg84

  • MD5

    6dc2b73b2b565a00420401c863b33764

  • SHA1

    0d6624fea63909298de26485dd5804f81a22840b

  • SHA256

    82fcedb528a5e773323d4e9a698898388d2c56931a24df7f1899b0b9f5f87c3c

  • SHA512

    e3743f4bb7da69d1e9e9a882ce3da92eb31f98ff510f1e83c0c20ea42d5b94d7c34cf4e55e764f8e70a24e0ec0ad8abc6b096f39024582f812a8b10c5db8fad1

  • SSDEEP

    49152:aMbwMc13tn/rx+h6a3vHAm8TXVEG1JaC8Pv3gcJO+1:Vux+oAGvIPv3gcJOe

Malware Config

Extracted

  • Family

    risepro

  • C2

    194.49.94.152

Targets

    • Target

      82fcedb528a5e773323d4e9a698898388d2c56931a24df7f1899b0b9f5f87c3c

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Suspicious use of SetThreadContext
