General

  • Target

    limba.exe

  • Size

    1.3MB

  • Sample

    240615-vjeata1hmq

  • MD5

    5178ea0cef1b85639039281ab87587db

  • SHA1

    edb98e3596bf0b702718c5fc113028db477bbdf7

  • SHA256

    b6c4de0e0c933ed85fcdb0bc6c33de4be0bb02e893204ceb61b2393530941e8b

  • SHA512

    b22291c365e462b74e0afe7aa163f72973b8b234e2e2988eaba29ef0ee6c69efa4e74d8e8db4caca91688566a1a76d569e4433784ff4655deb0d6f1d1f3e4e26

  • SSDEEP

    24576:z7OcU8RfG5bREFLKoYXOsfpKrV7DB+DbRN7on7OwQW6icoECU7wU3nQ3v0lRC:XO58RfG9RFoGKrS1o7OlVoE9B3QcRC

Score
10/10

Malware Config

Extracted

Family

risepro

C2

147.45.47.126:58709

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
