risepro | 1428-3-0x0000000000710000-0x0000000000D21000-memory[.]dmp | Triage

Sharing

General

Target

1428-3-0x0000000000710000-0x0000000000D21000-memory.dmp
Size

6.1MB
MD5

4cc0764f4d76dde9ab10b33f26c5bcc0
SHA1

6d7998ac5d87d8e4d2caaad6809b6d5468a05fb4
SHA256

968fb7dd2878869f8cd06c1a4269adf40290670152b952b64e7e0e59a5c780d2
SHA512

f30dc7c5b47f576d18c768a274b3a725e1f92ee455feb87c8d173af0fab0e13c907895f71513ec105b7938b27d8a09e3fd8958d1e6983cb067518318593bee31
SSDEEP

98304:gcZFT35zap0v1fWQLZWfmuTaaGUgxM3pAFLqYZkCizho31vUKFHwPlY:XT352p61OQLZWfYju0U+we

Score

10^/10

risepro

Malware Config

Signatures

Risepro family
risepro

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1428-3-0x0000000000710000-0x0000000000D21000-memory.dmp

Files

1428-3-0x0000000000710000-0x0000000000D21000-memory.dmp
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

snryzgjb
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ekyjthix
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE