Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/04/2024, 05:08

General

  • Target

    4712-2-0x00000000008A0000-0x000000000103E000-memory.exe

  • Size

    7.6MB

  • MD5

    ca0c5da0573c00be6ce3cac25cf0d6d5

  • SHA1

    f2f71b012a69f447e59529ba637be61ec0c15c28

  • SHA256

    db652736f59339bc3e46225af2d64a4c0e019444262cfa870f58875f2030b5df

  • SHA512

    dfc3643041c06e5ddb953d2b67e96469957fd011487d0e2cc9e83a86dcdb5eafea31cb4dc0ca7d5886237ff39cc25f831e3b72d63541e18eaf6113ffe60a2f60

  • SSDEEP

    98304:XFsM7fhuW6EsVzMyC5h6TkXde4IJHwnVzrTB8maD0huGb1rvKvqmHCZkH4wkjMwX:VzfhuFzMcSNTB8Pwoa9v4ji+YnpLrJ1

Score
10/10

Malware Config

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

  • Themida packer (1 IoC)

    Detects Themida, an advanced Windows software protection system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\4712-2-0x00000000008A0000-0x000000000103E000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\4712-2-0x00000000008A0000-0x000000000103E000-memory.exe"
    PID: 3028

Downloads

  • memory/3028-0-0x0000000001450000-0x0000000001BEE000-memory.dmp
    Filesize
    7.6MB