risepro | b94f79a6173ea6a674f7a3269ef67b648629ad73c03a69c8c29261394bb7fe72 | Triage

Sharing

General

Target

b94f79a6173ea6a674f7a3269ef67b648629ad73c03a69c8c29261394bb7fe72
Size

1.3MB
Sample

240620-23nrxswcnl
MD5

5de967b32ccd8caca224321d973c76fb
SHA1

f29e3ecb37ff244f0a80f50333ef937969afeaa1
SHA256

b94f79a6173ea6a674f7a3269ef67b648629ad73c03a69c8c29261394bb7fe72
SHA512

39bd08ef14be8d6cf8c3f1345c3191e9fe4c74369f3c59efc8f5c27edad15f9e14470ce83f103394a2100ba1b07e25629bda02047da13b443ab0c669bc9ad2e8
SSDEEP

24576:9rt+zllz7+QDSfCpUugcVN1Hli3nqEjQiDcjPdrqwQ+gsiK3H2xgkHOW1:927z7+1fCpjgcpM6EjQiDcjpqli3Wxg2

Score

10^/10

risepro stealer

Malware Config

Extracted

Family

risepro

C2

147.45.47.126:58709

Targets

- Target
  
  b94f79a6173ea6a674f7a3269ef67b648629ad73c03a69c8c29261394bb7fe72
- Size
  
  1.3MB
- MD5
  
  5de967b32ccd8caca224321d973c76fb
- SHA1
  
  f29e3ecb37ff244f0a80f50333ef937969afeaa1
- SHA256
  
  b94f79a6173ea6a674f7a3269ef67b648629ad73c03a69c8c29261394bb7fe72
- SHA512
  
  39bd08ef14be8d6cf8c3f1345c3191e9fe4c74369f3c59efc8f5c27edad15f9e14470ce83f103394a2100ba1b07e25629bda02047da13b443ab0c669bc9ad2e8
- SSDEEP
  
  24576:9rt+zllz7+QDSfCpUugcVN1Hli3nqEjQiDcjPdrqwQ+gsiK3H2xgkHOW1:927z7+1fCpjgcpM6EjQiDcjpqli3Wxg2
Score

10^/10

risepro stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2