General
-
Target
file.exe
-
Size
5.6MB
-
Sample
240205-l984faddb4
-
MD5
d08e21ef739bcb9d74508790a6e6238f
-
SHA1
74576503141f26edab05ce2da89b66cb3bcf293b
-
SHA256
42c24e5ea82db961c718b4ec041202f85de3cdf6d35dd99d83a753f9a175945d
-
SHA512
6ea1cd13b0bda1b69d0af26f073e2eb1eb2722b83a39c4b53148528fb88e09133ef7d095dc6617c5571e4a5248e0162f68afe13a4b1daa522797912a69b5dbee
-
SSDEEP
98304:eImo/NRpwP2DkKA+Ga5q73V41AmcR1Miq465iU7Fem+KOd8PbXLgKiOvG6ZB6Q3H:Xm0Rouq61i1U5Um+J+jkjEG6Zw
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
file.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops Chrome extension
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-