Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

SecuriteIn...64.exe

windows7-x64

10

SecuriteIn...64.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Win32.TrojanX-gen.21462.10764.exe

  • Size

    1.5MB

  • Sample

    231125-x13e3scc35

  • MD5

    09faa9617549b665144b272d4a31b8c5

  • SHA1

    e27779e8961a77495bc8b17b4ed34120263d7206

  • SHA256

    c233aed58e67dc39ea4793fe6e451e0748c959395abbc39741457b6df59c07aa

  • SHA512

    0b9f182af3be2abd774f26919b5e45d7fbedd318af5daa54a3cbf4713b55474e8e7b48a654d7d7a6365f8f58586b234e9221dba61e02b125fd025d20b700678e

  • SSDEEP

    24576:2opGDjnvrPpkjos0OtjcFc5kM49dj+IuxWQOIjuJuVvhbqL0HtFcgekRP9dT0WNI:OnvrPGT0Egyudc4tI3bqL0NFchaP9dTy

Score
10/10
privateloaderriseproloaderpersistencestealer

Malware Config

Extracted

Family

risepro

C2

194.49.94.152

Targets

    • Target

      SecuriteInfo.com.Win32.TrojanX-gen.21462.10764.exe

    • Size

      1.5MB

    • MD5

      09faa9617549b665144b272d4a31b8c5

    • SHA1

      e27779e8961a77495bc8b17b4ed34120263d7206

    • SHA256

      c233aed58e67dc39ea4793fe6e451e0748c959395abbc39741457b6df59c07aa

    • SHA512

      0b9f182af3be2abd774f26919b5e45d7fbedd318af5daa54a3cbf4713b55474e8e7b48a654d7d7a6365f8f58586b234e9221dba61e02b125fd025d20b700678e

    • SSDEEP

      24576:2opGDjnvrPpkjos0OtjcFc5kM49dj+IuxWQOIjuJuVvhbqL0HtFcgekRP9dT0WNI:OnvrPGT0Egyudc4tI3bqL0NFchaP9dTy

    Score
    10/10
    privateloaderriseproloaderpersistencestealer

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

      stealerrisepro

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks