Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    195s
  • max time network
    299s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08/05/2024, 23:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5ba07e81b410e0fba8a307dd78bfd55d84f2cf71ab45f38aa2a830792395574b.exe

  • Size

    4.3MB

  • MD5

    0d5486a821729f5f084839e5a12b81fe

  • SHA1

    cce56e8792a9e4d48c1e7b6fae5eaca9b5242919

  • SHA256

    5ba07e81b410e0fba8a307dd78bfd55d84f2cf71ab45f38aa2a830792395574b

  • SHA512

    c6f4d15d4055164d7a5a85806102697f0388c7cb298a8b5f6bec33e170db363e8c6da6a48944524fd403d87ca84acdda026419908c3ddd431c9373df426962ad

  • SSDEEP

    98304:VlczZc+dbvXpPo3JR5ng79k5iQdWe2D74t7vDWT0:vIZTTp6PRgO5iQdF2/+DWT0

Score
10/10
riseprostealer

Malware Config

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ba07e81b410e0fba8a307dd78bfd55d84f2cf71ab45f38aa2a830792395574b.exe
    "C:\Users\Admin\AppData\Local\Temp\5ba07e81b410e0fba8a307dd78bfd55d84f2cf71ab45f38aa2a830792395574b.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1768

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1768-7-0x0000000000E60000-0x000000000160B000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/1768-6-0x0000000003610000-0x0000000003611000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1768-5-0x0000000003600000-0x0000000003601000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1768-4-0x00000000035F0000-0x00000000035F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1768-3-0x0000000001B20000-0x0000000001B21000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1768-2-0x0000000001B10000-0x0000000001B11000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1768-1-0x0000000001B00000-0x0000000001B01000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1768-0-0x0000000000FE7000-0x00000000011CF000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/1768-10-0x0000000000FE7000-0x00000000011CF000-memory.dmp

          Filesize

          1.9MB

          Download