risepro

Sharing

Copy URL

Twitter E-mail

General

Target

screen_recorder_install_20240620.1-981596.exe
Size

1.3MB
Sample

240624-13fkwaxeqk
MD5

423b7c6c49a6a71c2e5de8bb30d82a80
SHA1

a8068703372ae00821df45d3d1e83528d5b75530
SHA256

fa303eadc3cce05e0c0758c95d58e37be1ce42218f2a34392cd68eeff8ff487e
SHA512

d313f7546096291a67235fea8bda15521c3d31663680eb2ceeb6d61d77ca48ec089444f3681cb2de00dce3ea1255d82e55829f124f9df890e41378ea9641e031
SSDEEP

24576:lAAbeg/aRWe00Sc72z5ZexkXjoePAL6be7cpzUQP2zk+QLgumxo/hTjPppgepa/G:y00Sec5Z1oePUFsg+U2/hxpPa/NY

Score

10^/10

Malware Config

Targets

- Target
  
  screen_recorder_install_20240620.1-981596.exe
- Size
  
  1.3MB
- MD5
  
  423b7c6c49a6a71c2e5de8bb30d82a80
- SHA1
  
  a8068703372ae00821df45d3d1e83528d5b75530
- SHA256
  
  fa303eadc3cce05e0c0758c95d58e37be1ce42218f2a34392cd68eeff8ff487e
- SHA512
  
  d313f7546096291a67235fea8bda15521c3d31663680eb2ceeb6d61d77ca48ec089444f3681cb2de00dce3ea1255d82e55829f124f9df890e41378ea9641e031
- SSDEEP
  
  24576:lAAbeg/aRWe00Sc72z5ZexkXjoePAL6be7cpzUQP2zk+QLgumxo/hTjPppgepa/G:y00Sec5Z1oePUFsg+U2/hxpPa/NY
Score

10^/10

risepro discovery execution stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Drops file in Drivers directory
- Downloads MZ/PE file
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $TEMP/downloader_easeus/2.0.0/12free/EDownloader.exe
- Size
  
  1.2MB
- MD5
  
  4d915795d41f42e5059ec91ddf20a9de
- SHA1
  
  b326fd86cd6a0b6213b9535c79d82489246783c2
- SHA256
  
  1222423e82db8893b227833f4d16f1c073057df5b9bacbb3c4174e00a56261e7
- SHA512
  
  8e50684c2deac8efd2ec6211028055777317e5ff51f7c9e19d3cd2ad0d359bb2dd4c1163d5b63b2a079b97b2c27d56f9caa89750e8181b6c433fdcf69310025c
- SSDEEP
  
  24576:EAYOAbKbCPyu/gs4wsrd0sX1GQJNkxmySzL7xo7Ry1j6ME2Qf7gPWyFs+:EfOWdj4R5Bo7cj6Md67gPjy+
Score

1^/10
behavioral3 behavioral4
- Target
  
  $TEMP/downloader_easeus/2.0.0/12free/aliyun/AliyunWrap.dll
- Size
  
  476KB
- MD5
  
  1ff4ff46834cba11482fb5d0f8c533ab
- SHA1
  
  6295fbebf55542839454c1a54c3e00355f020043
- SHA256
  
  bc2f1685f7157336027d370718dd2428c8a3883450a6191979d22745c3bca7fc
- SHA512
  
  659604861088c164d53d87bad6bbd24ef01c539d63322da541de29b9d14398c484396b16f627d2fb32b6d9b934e7a4b4a25bcfecadf9d13a7db4d9e97086c583
- SSDEEP
  
  12288:LaK0OuDBlYPIj/q9DQsEfExtrlp87pMaIPuboWMlyF0P/:Z9DeuBc/IPu8WMAF0P/
Score

3^/10
behavioral5 behavioral6
- Target
  
  $TEMP/downloader_easeus/2.0.0/12free/aliyun/AliyunWrapExe.exe
- Size
  
  101KB
- MD5
  
  1b6da142052f6736f7a657149de75bee
- SHA1
  
  1affdaa5faaa6844e6f47e5827ff351975be6cd3
- SHA256
  
  015b2652280118c2c5016fec99fc542e32fd39ddfc9df513fe49677fc9bf6d42
- SHA512
  
  bf4eeff93839045d71115e7b7b79755b0b871ceca221a3eaedcccb19b9492672f04ee166192809ecdaa1575160bf2516fad5f5062520613dcc1f062577ae3555
- SSDEEP
  
  1536:x554a+kMgHZ73LkUluTbDJgX+oLENoN2CraI9WkF1X8OEdlg5BaAUY7BB:CswTbD6LLraInhEdlg5BJUYdB
Score

1^/10
behavioral7 behavioral8
- Target
  
  $TEMP/downloader_easeus/2.0.0/12free/aliyun/InfoForSetup.exe
- Size
  
  60KB
- MD5
  
  af8a1f5caf9c8411d3eee07007450910
- SHA1
  
  5a3c2bd68f6e180920e94319f305f56defb995e0
- SHA256
  
  e23e375713ec4d7372dc3fababfaa612ecced4f207e7bd68ce5571a21499e2bd
- SHA512
  
  feddc353f9f8ce519f88fe8618c52b30eb6dd9a21391c295b95196183be010bbc03d3b605df72936804fc724b7075bc52af153c0ae477966bb7aac046a9da55e
- SSDEEP
  
  768:6Vyp8XwXEXrjOgRXvLH4IE3jDnIoiiBbIADgykhUMId50BLbCYiBwa:6ECwXShvLYIE3nnInie2khc50U7Bn
Score

1^/10
behavioral10 behavioral9