Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
28-01-2024 16:10
General
-
Target
9e1293cd0929b03d077ad8f3d7e6e098.exe
-
Size
1.1MB
-
MD5
9e1293cd0929b03d077ad8f3d7e6e098
-
SHA1
d5aec0a5b66379443984c91bb94daff7f6828b7b
-
SHA256
00e518ee9b4fe5909e432f9671b8f46f74f79a4f60fe882529cc068b8b50cdf8
-
SHA512
c19983062b67b7dc1515c111dbea449d92b95778d5e837e85cb35c60aaef13fedd0eb491b3994c35df060282c5c009f9d4df466bc62f106e9728687de1b86508
-
SSDEEP
24576:SPn5h5L2zA4yNwQpN2K3yWds0JkKyVah8yzH7:SP5hB2zelOadsLY3zb
Score
10/10
Malware Config
Extracted
Family
risepro
C2
193.233.132.62:50500
Signatures
-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 15 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9e1293cd0929b03d077ad8f3d7e6e098.exe"C:\Users\Admin\AppData\Local\Temp\9e1293cd0929b03d077ad8f3d7e6e098.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB
-
Filesize
4.9MB