General

  • Target

    e3c6537ef0c305d9c7b242b88dcbff7b1a762b277b6d15d1372a41f44aa67c46.exe

  • Size

    1.7MB

  • Sample

    240213-ggs5asac25

  • MD5

    cc41c1b0765421f0f397e9be38949b7f

  • SHA1

    750a326ef4917e4311bfd0a4534287b9c54dc926

  • SHA256

    e3c6537ef0c305d9c7b242b88dcbff7b1a762b277b6d15d1372a41f44aa67c46

  • SHA512

    7842742eb64699b0219c1cd516e3cf66d3f4d04e232720d185dfffc1471a3693b55fda418cee3a372bfcd89862ea1a5d1ed1aa6a2a6a70513364de5b02020646

  • SSDEEP

    49152:csO5iYju8n8cSa3X9j/Q5C4TQKrTcPml1jLDOb4H+IPUK:csGj8cSS9L4TQKvcPOShKUK

Score
10/10

Malware Config

Extracted

Family

risepro

C2

193.233.132.211:50500

Targets

    • Target

      e3c6537ef0c305d9c7b242b88dcbff7b1a762b277b6d15d1372a41f44aa67c46.exe

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
