Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    299s
  • max time network
    265s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    17-06-2024 05:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61ca0a406a84a3cbcf42c4fa83f213cc7d00adc19c2c70c6514c96d6d1623261.exe

  • Size

    1.3MB

  • MD5

    5a7104532dcc329a8626e6950efa0258

  • SHA1

    d246afe1058aa147b62505a4626ad91021b78784

  • SHA256

    61ca0a406a84a3cbcf42c4fa83f213cc7d00adc19c2c70c6514c96d6d1623261

  • SHA512

    353c35c815843c5afbf0b4d177be9423c298cf9d993f31c00e189f1eb7c5925360d8fa98f01eeaf768f282d1d26b432e2b9c78ff50638081218e8645ee025671

  • SSDEEP

    24576:uMMev9hjfaM7aYb1avzPM56a/no4wQNsiK3LRcglnuBAa:3hj37aYcUMino4l63tIAa

Score
10/10
riseprostealer

Malware Config

Extracted

Family

risepro

C2

147.45.47.126:58709

Signatures

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro
  • Suspicious use of NtSetInformationThreadHideFromDebugger 30 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61ca0a406a84a3cbcf42c4fa83f213cc7d00adc19c2c70c6514c96d6d1623261.exe
    "C:\Users\Admin\AppData\Local\Temp\61ca0a406a84a3cbcf42c4fa83f213cc7d00adc19c2c70c6514c96d6d1623261.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:2004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2004-1-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-0-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-2-0x0000000000644000-0x00000000006E2000-memory.dmp

    Filesize

    632KB

    Download

  • memory/2004-4-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-5-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-6-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-7-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-8-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-9-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-10-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-11-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-12-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-13-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-14-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-15-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-16-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-17-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-18-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-19-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-20-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-21-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-22-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-23-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-24-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-25-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-26-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-27-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-28-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-29-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-30-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-31-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-32-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2004-33-0x00000000001B0000-0x00000000006E2000-memory.dmp

    Filesize

    5.2MB

    Download