General

  • Target

    good.exe

  • Size

    1.6MB

  • MD5

    81e30f580f1a0b6d719c84658469179d

  • SHA1

    125c7c16efadafcb7e8c9374c4b034f8714f5da1

  • SHA256

    9596077ce994b0a259cad7d45f7c848a763d913ae2fb3e86c21ec4b15b1255e5

  • SHA512

    2d02bfe821a7e7b03f91ba53b9874f2420bcf237ae14d97b77753c30e74979286b0a3ca431724f5746462000c9fd6756da24937b52ef9ef2d8efe80d2dd33770

  • SSDEEP

    49152:qWg8wUmZOzqiavjDUJO/WH89ctcO0ljbbQnIQGotBKqy8TJCHEGU42sn6:ZiUmZOzqiavjDUM/WH89y8bboGO

Score
10/10

Malware Config

Extracted

Family

risepro

C2

193.233.132.51

Signatures

  • Privateloader family
  • Risepro family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • good.exe
    .exe windows:6 windows x86 arch:x86

    a391c991ba6330d6ddb5beaa15ef064c

