Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

af70eec37e...6d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    af70eec37ef796df4212aa5fed8c0b6d.exe

  • Size

    1.2MB

  • Sample

    231126-tec2hsac8z

  • MD5

    af70eec37ef796df4212aa5fed8c0b6d

  • SHA1

    81f86d974208d70e7470b1383dbdb678665bf5ba

  • SHA256

    fd0b2a3feaeeb4a337a83b1576f59582d0e626c40a85c414f36e229fa647a7c7

  • SHA512

    92971145dedfb9c962b0745dc43bc59422e9bc287bc84fcacf099550a656b0e30f1d6287a9bc33d530e280f3d6ebacb7ccb8200d2a755f9f10970b61c562809f

  • SSDEEP

    24576:iy22PxKKp9xm0gVEUQuYu+eObnQH0NPAK+2FrC9oa0:Jn5KG9xngVEUQu9ySnEm

Score
10/10
privateloaderriseproloaderpersistencestealer

Malware Config

Extracted

Family

risepro

C2

194.49.94.152

Targets

    • Target

      af70eec37ef796df4212aa5fed8c0b6d.exe

    • Size

      1.2MB

    • MD5

      af70eec37ef796df4212aa5fed8c0b6d

    • SHA1

      81f86d974208d70e7470b1383dbdb678665bf5ba

    • SHA256

      fd0b2a3feaeeb4a337a83b1576f59582d0e626c40a85c414f36e229fa647a7c7

    • SHA512

      92971145dedfb9c962b0745dc43bc59422e9bc287bc84fcacf099550a656b0e30f1d6287a9bc33d530e280f3d6ebacb7ccb8200d2a755f9f10970b61c562809f

    • SSDEEP

      24576:iy22PxKKp9xm0gVEUQuYu+eObnQH0NPAK+2FrC9oa0:Jn5KG9xngVEUQu9ySnEm

    Score
    10/10
    privateloaderriseproloaderpersistencestealer

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

      stealerrisepro

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks