Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b769da5007d56d732ccbcb0b41a778d9cad89c4287e083cd1f913d359e5d68f

  • Size

    919KB

  • Sample

    231211-2mgzfaaegk

  • MD5

    ae6c54c2ede71f40944b9459854e07f4

  • SHA1

    5eafcb54a2555da9baa87b6cfedffe314d87f0dd

  • SHA256

    1b769da5007d56d732ccbcb0b41a778d9cad89c4287e083cd1f913d359e5d68f

  • SHA512

    3d7ac08182145f75e67f982b3096fb856e0971558c56c4ee18a64e932c031a04d294b279b3fd92a13cfab43c4c827931fb486a99dd00d52babd0b4149e03cfe9

  • SSDEEP

    24576:1/WQmHyYo2ReWHxlZszVAg+scwlBjk9I82:1eQyzbxlyVAg+s7lByI8

Score
10/10
privateloaderriseproloaderpersistencestealer

Malware Config

Extracted

Family

risepro

C2

193.233.132.51

Targets

    • Target

      1b769da5007d56d732ccbcb0b41a778d9cad89c4287e083cd1f913d359e5d68f

    • Size

      919KB

    • MD5

      ae6c54c2ede71f40944b9459854e07f4

    • SHA1

      5eafcb54a2555da9baa87b6cfedffe314d87f0dd

    • SHA256

      1b769da5007d56d732ccbcb0b41a778d9cad89c4287e083cd1f913d359e5d68f

    • SHA512

      3d7ac08182145f75e67f982b3096fb856e0971558c56c4ee18a64e932c031a04d294b279b3fd92a13cfab43c4c827931fb486a99dd00d52babd0b4149e03cfe9

    • SSDEEP

      24576:1/WQmHyYo2ReWHxlZszVAg+scwlBjk9I82:1eQyzbxlyVAg+s7lByI8

    Score
    10/10
    privateloaderriseproloaderpersistencestealer

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

      stealerrisepro

    • Drops startup file

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks