General

  • Target

    033e16b6c1080d304d9abcc618db3bdb.bin

  • Size

    2.3MB

  • Sample

    240624-bcsebavgjl

  • MD5

    74dde9cf6fc3c46081187c90f2926f8b

  • SHA1

    14ae3a80c6f96b30f8fb4cabefd42047cd534430

  • SHA256

    6eac71bcb6ff95f797abd2ac7b96e7e88716b3193bd71856b712fdced8f5dbc3

  • SHA512

    1b0a9d57e3748d76623b5687c71b4a57c998e941fee442a2a48296026a157012698acd7300c34dd071f009bea684bc7af40cecec723c465f070f56ff2f440685

  • SSDEEP

    49152:8+RCEKosnFKU1KvSGkVFEqL4ictt4jdRVMrl5rttYko:8+RCEcFGSGHRF/4pc3bs

Score
10/10

Malware Config

Targets

    • Target

      19fcb719130f0edd27552e014d5b446e85faabe82611311be6dbe28d33463327.exe

    • Size

      2.4MB

    • MD5

      033e16b6c1080d304d9abcc618db3bdb

    • SHA1

      eda03c02fb2b8b58001af72390e9591b8a71ec64

    • SHA256

      19fcb719130f0edd27552e014d5b446e85faabe82611311be6dbe28d33463327

    • SHA512

      dbed8360dadb8d1733e2cf8c4412c4a468ade074000906d4ea98680f574ed1027fc326ccb50370166d901b011a140e5ee70fb9901ff53bf1205d85db097f1b79

    • SSDEEP

      49152:DWJ8voaN5Qz+lN4k8nIzHO0TcZxkYNdhN1vTLhczB17wIOmeG0Kwk:DcEoaNpN4/WHRTcZxkO7BcFBImMKV

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
