General

  • Target

    c361179e3539434f6607ce9f9f72416e945a561e112e8f8d2ca5c5ae85a68ecf

  • Size

    3.9MB

  • Sample

    231213-1aatxshdgk

  • MD5

    533d2826715e2282a11ac5d4a022814a

  • SHA1

    d07632139066bde16e6672f4404fa5fb37a50698

  • SHA256

    c361179e3539434f6607ce9f9f72416e945a561e112e8f8d2ca5c5ae85a68ecf

  • SHA512

    119e7179cc06a044070ac89b78743447031aa47d831ea3b1e8b6a7f57e288762188520019f41c08b448362f9ce48dcd52f2b3a78a1ad5b5ddbe37c3916a7bbf8

  • SSDEEP

    98304:eglz1GUuhU5RtzUNQ3J3Y8KQzFSi4BNQ2r:/z1G8RtzJCZQz07

Malware Config (Extracted)

  • Family

    risepro

  • C2

    193.233.132.51

Targets

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Downloads MZ/PE file

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
