risepro | b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc

Analysis

max time kernel
122s
max time network
122s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
21/02/2024, 03:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe
Size

6.6MB
MD5

b1a098476dd2f216c9c08d09e7dcf6f0
SHA1

873a36b744a23e4ffaffc21c927bfb348fb690c1
SHA256

b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc
SHA512

b10e16f4a3dbd6aba4b130acb7e97dcfe2bc285888ebdd43cd2b5d50955078a2d6c6ccfc535c9fb7ac43efb9e55baa3d302118ff4eeef1fc7b76bb7bf617f86e
SSDEEP

196608:V5x6JkQL119ASGbcM/4HIBc/vFxjpwyyu9EM32Ar:8LS/jBc9Vr

Score

10^/10

risepro stealer

Malware Config

Extracted

Family

risepro

193.233.132.55:50500

Signatures

RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
stealer risepro

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1888	b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe

C:\Users\Admin\AppData\Local\Temp\b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe
"C:\Users\Admin\AppData\Local\Temp\b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1888-0-0x0000000000110000-0x0000000000111000-memory.dmp

Filesize
4KB

Download
memory/1888-6-0x0000000000120000-0x0000000000121000-memory.dmp

Filesize
4KB

Download
memory/1888-5-0x0000000000110000-0x0000000000111000-memory.dmp

Filesize
4KB

Download
memory/1888-3-0x0000000000110000-0x0000000000111000-memory.dmp

Filesize
4KB

Download
memory/1888-2-0x0000000001050000-0x0000000001B83000-memory.dmp

Filesize
11.2MB

Download
memory/1888-8-0x00000000777A0000-0x00000000777A1000-memory.dmp

Filesize
4KB

Download
memory/1888-9-0x0000000000120000-0x0000000000121000-memory.dmp

Filesize
4KB

Download
memory/1888-11-0x0000000000120000-0x0000000000121000-memory.dmp

Filesize
4KB

Download
memory/1888-13-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-12-0x0000000000130000-0x0000000000131000-memory.dmp

Filesize
4KB

Download
memory/1888-15-0x0000000000130000-0x0000000000131000-memory.dmp

Filesize
4KB

Download
memory/1888-20-0x0000000000140000-0x0000000000141000-memory.dmp

Filesize
4KB

Download
memory/1888-18-0x0000000000140000-0x0000000000141000-memory.dmp

Filesize
4KB

Download
memory/1888-22-0x0000000000140000-0x0000000000141000-memory.dmp

Filesize
4KB

Download
memory/1888-17-0x0000000000130000-0x0000000000131000-memory.dmp

Filesize
4KB

Download
memory/1888-24-0x00000000777A0000-0x00000000777A1000-memory.dmp

Filesize
4KB

Download
memory/1888-23-0x0000000000150000-0x0000000000151000-memory.dmp

Filesize
4KB

Download
memory/1888-26-0x0000000000150000-0x0000000000151000-memory.dmp

Filesize
4KB

Download
memory/1888-31-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/1888-29-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/1888-33-0x0000000000160000-0x0000000000161000-memory.dmp

Filesize
4KB

Download
memory/1888-28-0x0000000000150000-0x0000000000151000-memory.dmp

Filesize
4KB

Download
memory/1888-35-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-34-0x0000000000170000-0x0000000000171000-memory.dmp

Filesize
4KB

Download
memory/1888-37-0x0000000000170000-0x0000000000171000-memory.dmp

Filesize
4KB

Download
memory/1888-44-0x0000000000180000-0x0000000000181000-memory.dmp

Filesize
4KB

Download
memory/1888-42-0x0000000000180000-0x0000000000181000-memory.dmp

Filesize
4KB

Download
memory/1888-40-0x0000000000180000-0x0000000000181000-memory.dmp

Filesize
4KB

Download
memory/1888-39-0x0000000000170000-0x0000000000171000-memory.dmp

Filesize
4KB

Download
memory/1888-46-0x0000000000190000-0x0000000000191000-memory.dmp

Filesize
4KB

Download
memory/1888-45-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-48-0x0000000000190000-0x0000000000191000-memory.dmp

Filesize
4KB

Download
memory/1888-50-0x0000000000190000-0x0000000000191000-memory.dmp

Filesize
4KB

Download
memory/1888-51-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/1888-53-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-54-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/1888-61-0x00000000001F0000-0x00000000001F1000-memory.dmp

Filesize
4KB

Download
memory/1888-59-0x00000000001F0000-0x00000000001F1000-memory.dmp

Filesize
4KB

Download
memory/1888-62-0x0000000000200000-0x0000000000201000-memory.dmp

Filesize
4KB

Download
memory/1888-57-0x00000000001F0000-0x00000000001F1000-memory.dmp

Filesize
4KB

Download
memory/1888-56-0x00000000001A0000-0x00000000001A1000-memory.dmp

Filesize
4KB

Download
memory/1888-65-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-64-0x0000000000200000-0x0000000000201000-memory.dmp

Filesize
4KB

Download
memory/1888-67-0x0000000000200000-0x0000000000201000-memory.dmp

Filesize
4KB

Download
memory/1888-70-0x0000000000210000-0x0000000000211000-memory.dmp

Filesize
4KB

Download
memory/1888-68-0x0000000000210000-0x0000000000211000-memory.dmp

Filesize
4KB

Download
memory/1888-78-0x00000000777A0000-0x00000000777A1000-memory.dmp

Filesize
4KB

Download
memory/1888-80-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-92-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-99-0x000000007779F000-0x00000000777A0000-memory.dmp

Filesize
4KB

Download
memory/1888-97-0x0000000001050000-0x0000000001B83000-memory.dmp

Filesize
11.2MB

Download