risepro | 479c85e8cba2d4eeebf3db349b9004a9ca6a4e20f45a651a15e50b01e461c170

Analysis

max time kernel
148s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09/04/2024, 14:34

Target

479c85e8cba2d4eeebf3db349b9004a9ca6a4e20f45a651a15e50b01e461c170.exe
Size

875KB
MD5

e03cf843bdb999b5ae92e8c8bda832aa
SHA1

a186ea95d3d552e7f3c2ce0013eaa9899baf652c
SHA256

479c85e8cba2d4eeebf3db349b9004a9ca6a4e20f45a651a15e50b01e461c170
SHA512

f522d591a1c4de75c21a2c034bef6cea3a471c9e5ae41a65b5d0f9c9404202828f36d3f88327924dee27245fa4ac1b28e8ab9387b1d61c23963faff9efc3627e
SSDEEP

12288:VSY0thA0ZR5zxE6AWIDyImjLh89p3oX96/LA6vWScjmtWzq3VYqAWR14b1NHxJps:P0X5DAWIDxBq9GA6RWmGqFKb1NHxJ5A

Score

10^/10

risepro stealer

RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
stealer risepro

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4332	3312	WerFault.exe	84

C:\Users\Admin\AppData\Local\Temp\479c85e8cba2d4eeebf3db349b9004a9ca6a4e20f45a651a15e50b01e461c170.exe
"C:\Users\Admin\AppData\Local\Temp\479c85e8cba2d4eeebf3db349b9004a9ca6a4e20f45a651a15e50b01e461c170.exe"
1⤵
PID:3312
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3312 -s 588
  2⤵
  - Program crash
  PID:4332

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3312 -ip 3312
1⤵
PID:1452

memory/3312-1-0x0000000004A10000-0x0000000004AC1000-memory.dmp

Filesize
708KB

Download
memory/3312-2-0x0000000004AD0000-0x0000000004C1F000-memory.dmp

Filesize
1.3MB

Download
memory/3312-3-0x0000000000400000-0x0000000002DB8000-memory.dmp

Filesize
41.7MB

Download
memory/3312-6-0x0000000004A10000-0x0000000004AC1000-memory.dmp

Filesize
708KB

Download
memory/3312-7-0x0000000004AD0000-0x0000000004C1F000-memory.dmp

Filesize
1.3MB

Download