Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/05/2024, 11:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    dca8e7825b85a9c21b5cb1290c98ca201b7029fa0aad210ad3df4c4ccc358edc.exe

  • Size

    981KB

  • MD5

    9528d56c3943b8891cec389946d48cdb

  • SHA1

    5844828473650b2ad589829cefd65d91808f5dd2

  • SHA256

    dca8e7825b85a9c21b5cb1290c98ca201b7029fa0aad210ad3df4c4ccc358edc

  • SHA512

    c25b4926459cf2ab4cce3d5371a9994a267dcf21ea7330a495babd05bb450ed2034074a94bdee7d08db9877c7b135b1664cef7b9e3e794acd36229b76946c474

  • SSDEEP

    24576:/C+s4JTdXvcrsgp8e8Yo32vFMYAbeTyfutqN2hU1:6ZyvcrxpK3iC9e5Qj

Score
10/10
riseprostealer

Malware Config

Extracted

Family

risepro

C2

54.180.28.87:50500

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dca8e7825b85a9c21b5cb1290c98ca201b7029fa0aad210ad3df4c4ccc358edc.exe
    "C:\Users\Admin\AppData\Local\Temp\dca8e7825b85a9c21b5cb1290c98ca201b7029fa0aad210ad3df4c4ccc358edc.exe"
    1⤵
      PID:448
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 448 -s 580
        2⤵
        • Program crash
        PID:2624
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 448 -ip 448
      1⤵
        PID:3140

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/448-1-0x0000000002490000-0x0000000002560000-memory.dmp

              Filesize

              832KB

              Download

            • memory/448-2-0x0000000002560000-0x00000000026FF000-memory.dmp

              Filesize

              1.6MB

              Download

            • memory/448-3-0x0000000000400000-0x00000000005A1000-memory.dmp

              Filesize

              1.6MB

              Download

            • memory/448-4-0x0000000000400000-0x000000000084C000-memory.dmp

              Filesize

              4.3MB

              Download

            • memory/448-6-0x0000000002490000-0x0000000002560000-memory.dmp

              Filesize

              832KB

              Download

            • memory/448-7-0x0000000002560000-0x00000000026FF000-memory.dmp

              Filesize

              1.6MB

              Download