Overview

overview

10

Static

static

3

510c42b8ea...50.exe

windows7-x64

10

510c42b8ea...50.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/01/2024, 04:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    510c42b8ea7645e3d749952079619450.exe

  • Size

    1.1MB

  • MD5

    510c42b8ea7645e3d749952079619450

  • SHA1

    0426c2d026f67985677ba310747ae35a0dab0129

  • SHA256

    ccaa24db461ee2dbcddd59d37fd0204fb312253adc9f724fba3f411a5d91f9c8

  • SHA512

    b9f80bf74c20546787b824f749d4bbdc837127983f943d1895ce1b4e2fd4cddc193beef7fa20e38b7ad61078b02dc63c138040e2701810160d0396da14fa09bd

  • SSDEEP

    24576:IQCUVTzY+6tEEZhlR72vYApCBvwQEiyIakEL+Bym1+we5RD:IPQTElb372JpMlVL8Fmhef

Score
10/10
riseprostealer

Malware Config

Extracted

Family

risepro

C2

193.233.132.62:50500

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Suspicious use of NtSetInformationThreadHideFromDebugger 15 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\510c42b8ea7645e3d749952079619450.exe
    "C:\Users\Admin\AppData\Local\Temp\510c42b8ea7645e3d749952079619450.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:4584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4584-0-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-2-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-3-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-4-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-5-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-6-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-7-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-8-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-9-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-10-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-11-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-12-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-13-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-14-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/4584-15-0x0000000000990000-0x0000000000E70000-memory.dmp

    Filesize

    4.9MB

    Download