General

  • Target: 612d46d700db7c8fba70499dac9c8ea85f5a783083f5debcc1d8268bedd28df8
  • Size: 1.6MB
  • Sample: 240415-vnd6lsbe77
  • MD5: 04f5d1b6bda7ccc4db153d22e4e12bda
  • SHA1: a778abde72a988fbf72585d61a4561716df3b3ae
  • SHA256: 612d46d700db7c8fba70499dac9c8ea85f5a783083f5debcc1d8268bedd28df8
  • SHA512: 7c71158b19406b44ef30fa14588dcca1f4dac5ae8e4881274d8320d331641774b80cdbd880e19dac7576373d00462126dd557fcaba747a85103b0dfa837a39a5
  • SSDEEP: 49152:Qc0wxLJlJfM3uX1P0LapiWJQudoa9ylQ5:Q3wxLK+XjJZye

Score: 10/10

Malware Config

Extracted

  • Family: risepro
  • C2: 45.15.156.142:50500

Targets

    • Target: 612d46d700db7c8fba70499dac9c8ea85f5a783083f5debcc1d8268bedd28df8
    • Size: 1.6MB
    • MD5: 04f5d1b6bda7ccc4db153d22e4e12bda
    • SHA1: a778abde72a988fbf72585d61a4561716df3b3ae
    • SHA256: 612d46d700db7c8fba70499dac9c8ea85f5a783083f5debcc1d8268bedd28df8
    • SHA512: 7c71158b19406b44ef30fa14588dcca1f4dac5ae8e4881274d8320d331641774b80cdbd880e19dac7576373d00462126dd557fcaba747a85103b0dfa837a39a5
    • SSDEEP: 49152:Qc0wxLJlJfM3uX1P0LapiWJQudoa9ylQ5:Q3wxLK+XjJZye

    Score: 10/10
    • RisePro: RisePro stealer is an infostealer distributed by PrivateLoader.
    • Suspicious use of NtCreateUserProcessOtherParentProcess
    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

    • Target: $INTERNET_CACHE/Engineering
    • Size: 299KB
    • MD5: f802e07cff596069adb7aa7b480cfe1a
    • SHA1: 4ef8653ed9236f1462a07418b3c6bda288f8040e
    • SHA256: 84481313e393fff2d1523bd10af35fe074f29d05095a82cc42b162a1166b0fb6
    • SHA512: 08426b2914a3543d27ad269e357bf3a75e815dbf2654ca94333d0cca24e03a5462d0b49836254aaa4bd257e3792c95408490440f1e8b2c56bd29958d121f58fa
    • SSDEEP: 3072:k8Q10uXRcQPkskqj0xVIxlxvxRZa0x58g1GaSyM0:k8QuuXRR0VwzpRZa058gVz

    Score: 1/10
