Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    299s
  • max time network
    292s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-en
  • resource tags

    arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14/02/2024, 04:51

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a0d9577ffcf5c76383a20653b4abd06385ccd6fe5a8e7c48ac2652cac249c881.exe

  • Size

    3.0MB

  • MD5

    eaa9a6d2ba243567af4c323276bee334

  • SHA1

    e36055a0d6bfb7ca4c8b6289d257cbadc7c3ac42

  • SHA256

    a0d9577ffcf5c76383a20653b4abd06385ccd6fe5a8e7c48ac2652cac249c881

  • SHA512

    c46a49ce909b74d53cf5dee749bb6d39ddf750cdf74ee70d1fd0df33860971c08b5f393781d997f16ebc94d389d0fce00f569a753e69c8a56f9ec3f1a5f0387e

  • SSDEEP

    49152:FQQNqn9L3M56JX3Ualq5tIktd9JLzAsQ5b+Y5nS5gWh7kFHTaRRSJijaerJhYj:FQAIQ2nDItIk5Joow+ZiFccpeFe

Score
10/10
riseprostealer

Malware Config

Extracted

Family

risepro

C2

193.233.132.62

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Suspicious use of NtSetInformationThreadHideFromDebugger 31 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a0d9577ffcf5c76383a20653b4abd06385ccd6fe5a8e7c48ac2652cac249c881.exe
    "C:\Users\Admin\AppData\Local\Temp\a0d9577ffcf5c76383a20653b4abd06385ccd6fe5a8e7c48ac2652cac249c881.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:528

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/528-0-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-1-0x000000007F650000-0x000000007FA21000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/528-2-0x0000000077562000-0x0000000077563000-memory.dmp

          Filesize

          4KB

          Download

        • memory/528-3-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-4-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-5-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-6-0x000000007F650000-0x000000007FA21000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/528-7-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-8-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-9-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-10-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-11-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-12-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-13-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-14-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-15-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-16-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-17-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-18-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-19-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-20-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-21-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-22-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-23-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-24-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-25-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-26-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-27-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-28-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-29-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-30-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-31-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-32-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download

        • memory/528-33-0x0000000000E90000-0x00000000019A5000-memory.dmp

          Filesize

          11.1MB

          Download