Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10-04-2024 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    48ba5590ccb8749a975e88e529bc28c996f12ff27081acff6d3d4e8c7cbd74e1.exe

  • Size

    924KB

  • MD5

    87c62e9e05502c344563f24d070c1944

  • SHA1

    c1a6f18d1c8ff04589f29386bc3b4bfbba8354a2

  • SHA256

    48ba5590ccb8749a975e88e529bc28c996f12ff27081acff6d3d4e8c7cbd74e1

  • SHA512

    b7a2ffa71aca5c6dbbb1503c5dbb4cb4cfbab78fffdf0fe45ec26c9841079f44e41c2a3bdd551cdbbed619cde54d88bba5acc09f088ae1f8d18e63cf0c63cf68

  • SSDEEP

    24576:hxagEcdjjaBrmpIb6VY7UoJB7uwe+vswdzj:bagEcheFmqQoeweenzj

Score
10/10
riseprostealer

Malware Config

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\48ba5590ccb8749a975e88e529bc28c996f12ff27081acff6d3d4e8c7cbd74e1.exe
    "C:\Users\Admin\AppData\Local\Temp\48ba5590ccb8749a975e88e529bc28c996f12ff27081acff6d3d4e8c7cbd74e1.exe"
    1⤵
      PID:1952
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1952 -s 564
        2⤵
        • Program crash
        PID:5084
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1952 -ip 1952
      1⤵
        PID:2300

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1952-1-0x0000000004AD0000-0x0000000004B89000-memory.dmp

        Filesize

        740KB

        Download

      • memory/1952-2-0x0000000004B90000-0x0000000004CDF000-memory.dmp

        Filesize

        1.3MB

        Download

      • memory/1952-3-0x0000000000400000-0x0000000002DC5000-memory.dmp

        Filesize

        41.8MB

        Download

      • memory/1952-4-0x0000000000400000-0x0000000002DC5000-memory.dmp

        Filesize

        41.8MB

        Download

      • memory/1952-6-0x0000000004AD0000-0x0000000004B89000-memory.dmp

        Filesize

        740KB

        Download

      • memory/1952-7-0x0000000004B90000-0x0000000004CDF000-memory.dmp

        Filesize

        1.3MB

        Download