General
Target: RisePro_Server.exe
Size: 57.5MB
Sample: 240227-fdypyage45
MD5: 1e09287be79ea9e8970b009c60ec71e4
SHA1: fa44121e58fd7115842269053c0434d90a0dda2d
SHA256: 3f1065fe34fb5335fcf26d96565d669af0eb18a8ff0b1dc5ab2f4cd172e27272
SHA512: 902f0ba30ff8a3c72b32c8693c56dfa0aaa9955b42f65a1181873c710383fd76ca922752ffbcb81be4eebf6926f80f0a8f8dfdb467e77fbe935843f009f00174
SSDEEP: 1572864:LcMpLABVCAtQbu4P5im/GpXyNqDK2vERS:LrpLaVFtQS4P6pZa
Static task: static1
Behavioral task: behavioral1
Sample: RisePro_Server.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: RisePro_Server.exe
Score: 10/10
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

Modifies Windows Firewall
Executes dropped EXE
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger