risepro | ceb89c17dee95e5cd84f9d2d17829ee99bbe64c19316e23a2c712b437dbe3966 | Triage

Submit
Reports

Overview

overview

Static

static

3

Nado_MultiTool.exe

windows10-2004-x64

Sharing

General

Target

Nado_MultiTool.exe
Size

6.5MB
Sample

240627-xxv7laybmm
MD5

e442352d6870d0a0a54a52df6072dd0c
SHA1

7ff5400d6ae2e46988bc34b0023918e7dafaf509
SHA256

ceb89c17dee95e5cd84f9d2d17829ee99bbe64c19316e23a2c712b437dbe3966
SHA512

53c81585ee16bdc2936afe71910d001fe40f927e032a0abee8412c5cebf3a62808d9806820cd9f7d7777f341b7b464173c352b334c1e9d7d2493410f1c799605
SSDEEP

196608:grCASUHWP3ny4a488g8i51eO3nBVJ/lhZICFNaHJ6VMGW:9ASUd4y8i5LnBVZlXIEkp6V

Score

10^/10

risepro stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Nado_MultiTool.exe

Resource

win10v2004-20240226-en

risepro stealer

windows10-2004-x64

14 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Nado_MultiTool.exe
- Size
  
  6.5MB
- MD5
  
  e442352d6870d0a0a54a52df6072dd0c
- SHA1
  
  7ff5400d6ae2e46988bc34b0023918e7dafaf509
- SHA256
  
  ceb89c17dee95e5cd84f9d2d17829ee99bbe64c19316e23a2c712b437dbe3966
- SHA512
  
  53c81585ee16bdc2936afe71910d001fe40f927e032a0abee8412c5cebf3a62808d9806820cd9f7d7777f341b7b464173c352b334c1e9d7d2493410f1c799605
- SSDEEP
  
  196608:grCASUHWP3ny4a488g8i51eO3nBVJ/lhZICFNaHJ6VMGW:9ASUd4y8i5LnBVZlXIEkp6V
Score

10^/10

risepro stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy