risepro | ac5d5433a4aed9bc34ab785c5c4c9d14db49eb4452877983a3bf069fa1037432 | Triage

Submit
Reports

Overview

overview

Static

static

1

incredibui...11.exe

windows11-21h2-x64

Sharing

General

Target

incredibuild10_1_11.exe
Size

84.7MB
Sample

240530-yh6kfsab63
MD5

5d6a578a7f92eb97576dc393df412889
SHA1

846823de23dacd23fec823878d65e27a5aea3072
SHA256

ac5d5433a4aed9bc34ab785c5c4c9d14db49eb4452877983a3bf069fa1037432
SHA512

2980290563d76a742858cb8298a3ea7fbe180ed768961f205433813e860607d746786f29c0c8602a04efce130e7e23cf79f822fa412d1c65c246cf92a8f38a4b
SSDEEP

1572864:kgIt36yoISqSwikmXW2BH0Vl4S0haS1wi+2TAeuUJq1M9RJg8hfXD5:kgIx2qSwihXW2BRS0haowidTTHRJg8hF

Score

10^/10

risepro discovery persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

incredibuild10_1_11.exe

Resource

win11-20240508-en

risepro discovery persistence stealer

windows11-21h2-x64

18 signatures

600 seconds

Malware Config

Targets

- Target
  
  incredibuild10_1_11.exe
- Size
  
  84.7MB
- MD5
  
  5d6a578a7f92eb97576dc393df412889
- SHA1
  
  846823de23dacd23fec823878d65e27a5aea3072
- SHA256
  
  ac5d5433a4aed9bc34ab785c5c4c9d14db49eb4452877983a3bf069fa1037432
- SHA512
  
  2980290563d76a742858cb8298a3ea7fbe180ed768961f205433813e860607d746786f29c0c8602a04efce130e7e23cf79f822fa412d1c65c246cf92a8f38a4b
- SSDEEP
  
  1572864:kgIt36yoISqSwikmXW2BH0Vl4S0haS1wi+2TAeuUJq1M9RJg8hfXD5:kgIx2qSwihXW2BRS0haowidTTHRJg8hF
Score

10^/10

risepro discovery persistence stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

riseprodiscoverypersistencestealer

© 2018-2025

Terms | Privacy