General

  • Target

    80766f346a1033b1abfeeabc7180a880_NeikiAnalytics

  • Size

    1005KB

  • Sample

    240509-tgznasac6t

  • MD5

    80766f346a1033b1abfeeabc7180a880

  • SHA1

    2568f835441d53bc785a4ddf8537814826e3d064

  • SHA256

    86a6beb6802f9ec2aa387143ba41461fb82783226223ba68b44e49b21c8d3d62

  • SHA512

    029d53c19dd434b410eb61158e8a653c3d3725b50de9e5bb7dd766baed93a37574b3171509ee7e968d18158d89082029e74881630fb852c37b305053ec5c87aa

  • SSDEEP

    12288:VMrry90H6OndYa8eQHWFiUDhbkYuuDu6rtRHvb6sCIoxV+pY62N7198r3GJnWIi:KypOnDiU9Pyyhj6sUx+07cSkN

Malware Config

Extracted

  • Family

    risepro

  • C2

    194.49.94.152

Targets

    • Target

      80766f346a1033b1abfeeabc7180a880_NeikiAnalytics

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Drops startup file

    • Executes dropped EXE

    • Adds Run key to start application
