Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    193s
  • max time network
    303s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
  • submitted
    15/03/2024, 04:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d059f4d04c9b70923961d638dcbf9988e76becbb3aa246da9aa888c608ecfa8f.exe

  • Size

    6.5MB

  • MD5

    908c4f8f4d940936b0877bcbc962f542

  • SHA1

    4f29092711596c75e3fb337f4189f7f1d074f9e0

  • SHA256

    d059f4d04c9b70923961d638dcbf9988e76becbb3aa246da9aa888c608ecfa8f

  • SHA512

    5030eba892ea3f907fc2f44e4073278a8477031b7eca9686fdfee7263f1ccee24791f474a134c762593be1b2df3cdbb8777910559b294af3a78754e3fcb7fb49

  • SSDEEP

    98304:whX6bFxKxJGFNdnbCkRak2JEf6R0Fc5XJBb/X1qniFQKesVnqc8pA0kkqCYQmPM:whqxxKxa7mWXGzBbSiFXxVn70kLRQJ

Score
10/10
riseprostealer

Malware Config

Extracted

Family

risepro

C2

193.233.132.67:50500

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d059f4d04c9b70923961d638dcbf9988e76becbb3aa246da9aa888c608ecfa8f.exe
    "C:\Users\Admin\AppData\Local\Temp\d059f4d04c9b70923961d638dcbf9988e76becbb3aa246da9aa888c608ecfa8f.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/204-0-0x00000000010A0000-0x0000000001DAA000-memory.dmp

    Filesize

    13.0MB

    Download

  • memory/204-6-0x0000000000550000-0x0000000000551000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-7-0x0000000000560000-0x0000000000561000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-8-0x0000000000590000-0x0000000000591000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-9-0x00000000006B0000-0x00000000006B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-11-0x0000000000C70000-0x0000000000C71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-10-0x00000000006C0000-0x00000000006C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/204-13-0x00000000010A0000-0x0000000001DAA000-memory.dmp

    Filesize

    13.0MB

    Download

  • memory/204-15-0x00000000010A0000-0x0000000001DAA000-memory.dmp

    Filesize

    13.0MB

    Download