Analysis
- max time kernel: 146s
- max time network: 153s
- platform: windows10-2004_x64
- resource: win10v2004-20240412-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 15/04/2024, 11:10
Static task
- static1
- 1 signatures
Behavioral task
- behavioral1
- Sample: ae92db188f69cec41e14be06a782fd8baa3d313e56302b589e9becb3f2432697.exe
- Resource: win10v2004-20240412-en
- 2 signatures
- 150 seconds
General
- Target: ae92db188f69cec41e14be06a782fd8baa3d313e56302b589e9becb3f2432697.exe
- Size: 912KB
- MD5: 7172e01bfc23801c903674b67380c0c5
- SHA1: d025655f43dfff76d1b328c9dce9c1639ac7442b
- SHA256: ae92db188f69cec41e14be06a782fd8baa3d313e56302b589e9becb3f2432697
- SHA512: 671796bf92fa0f5e9d8d18efc2d8cd95d559bb3236aecd5b9b3aea44cde7926ed743dd54a07d445194ade70a95151e41a453a75a1b5152ef4ff64ad9b65f0dff
- SSDEEP: 24576:IRTHAv3PDIPOJYBV1Ck5nG9dVsmeTfCle:2TH437ISeTCk5nG9daVT
Malware Config
Extracted
- Family: risepro
- C2: 147.45.47.93:58709
Signatures
Processes
- C:\Users\Admin\AppData\Local\Temp\ae92db188f69cec41e14be06a782fd8baa3d313e56302b589e9becb3f2432697.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\ae92db188f69cec41e14be06a782fd8baa3d313e56302b589e9becb3f2432697.exe"
  PID: 5036
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 5036 -s 592
    - Program crash
    PID: 4036
- C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 5036 -ip 5036
  PID: 1188