risepro | b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc

Analysis

max time kernel
146s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240220-en
resource tags

arch:x64arch:x86image:win10v2004-20240220-enlocale:en-usos:windows10-2004-x64system
submitted
21/02/2024, 03:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe
Size

6.6MB
MD5

b1a098476dd2f216c9c08d09e7dcf6f0
SHA1

873a36b744a23e4ffaffc21c927bfb348fb690c1
SHA256

b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc
SHA512

b10e16f4a3dbd6aba4b130acb7e97dcfe2bc285888ebdd43cd2b5d50955078a2d6c6ccfc535c9fb7ac43efb9e55baa3d302118ff4eeef1fc7b76bb7bf617f86e
SSDEEP

196608:V5x6JkQL119ASGbcM/4HIBc/vFxjpwyyu9EM32Ar:8LS/jBc9Vr

Score

10^/10

risepro stealer

Malware Config

Extracted

Family

risepro

193.233.132.55:50500

Signatures

RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
stealer risepro

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4704	b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe
4704	b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe

C:\Users\Admin\AppData\Local\Temp\b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe
"C:\Users\Admin\AppData\Local\Temp\b9901f6daa8d87155e5f7ce9d36639183cdd977853d70d796d72e3505852fdfc.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4704-0-0x0000000003640000-0x0000000003641000-memory.dmp

Filesize
4KB

Download
memory/4704-1-0x0000000000C10000-0x0000000001743000-memory.dmp

Filesize
11.2MB

Download
memory/4704-2-0x0000000003650000-0x0000000003651000-memory.dmp

Filesize
4KB

Download
memory/4704-3-0x0000000003660000-0x0000000003661000-memory.dmp

Filesize
4KB

Download
memory/4704-5-0x0000000003680000-0x0000000003681000-memory.dmp

Filesize
4KB

Download
memory/4704-4-0x0000000003670000-0x0000000003671000-memory.dmp

Filesize
4KB

Download
memory/4704-6-0x0000000003690000-0x0000000003691000-memory.dmp

Filesize
4KB

Download
memory/4704-7-0x00000000036A0000-0x00000000036A1000-memory.dmp

Filesize
4KB

Download
memory/4704-8-0x00000000036B0000-0x00000000036B1000-memory.dmp

Filesize
4KB

Download
memory/4704-11-0x00000000037F0000-0x00000000037F1000-memory.dmp

Filesize
4KB

Download
memory/4704-10-0x00000000037E0000-0x00000000037E1000-memory.dmp

Filesize
4KB

Download
memory/4704-9-0x00000000036C0000-0x00000000036C1000-memory.dmp

Filesize
4KB

Download
memory/4704-12-0x0000000003800000-0x0000000003801000-memory.dmp

Filesize
4KB

Download
memory/4704-13-0x0000000003810000-0x0000000003811000-memory.dmp

Filesize
4KB

Download
memory/4704-14-0x0000000003820000-0x0000000003821000-memory.dmp

Filesize
4KB

Download
memory/4704-15-0x0000000003840000-0x0000000003841000-memory.dmp

Filesize
4KB

Download
memory/4704-16-0x0000000003850000-0x0000000003851000-memory.dmp

Filesize
4KB

Download
memory/4704-18-0x0000000003870000-0x0000000003871000-memory.dmp

Filesize
4KB

Download
memory/4704-17-0x0000000003860000-0x0000000003861000-memory.dmp

Filesize
4KB

Download
memory/4704-19-0x0000000003880000-0x0000000003881000-memory.dmp

Filesize
4KB

Download
memory/4704-20-0x0000000003890000-0x0000000003891000-memory.dmp

Filesize
4KB

Download
memory/4704-21-0x0000000000C10000-0x0000000001743000-memory.dmp

Filesize
11.2MB

Download
memory/4704-24-0x0000000000C10000-0x0000000001743000-memory.dmp

Filesize
11.2MB

Download