risepro | e4883bfe1480181df3d2eb0e0a587be359260ee11a32176aab234eb707fe6f76 | Triage

Sharing

General

Target

LisectAVT_2403002A_419.exe
Size

4.8MB
Sample

240725-av894szdrg
MD5

42b90e270ab9cc4d1f6354045048b538
SHA1

080d0df0d03f707096cb974da2d683037e9cc63a
SHA256

e4883bfe1480181df3d2eb0e0a587be359260ee11a32176aab234eb707fe6f76
SHA512

fac869f426d33a58edf8af7b39b3615d774c951174f87ad9e61aee8e06457a95b81c8264db5e2632e7a4f0071cb509392dde14f0fbf212a5bb636852d249ca04
SSDEEP

49152:vQsLHy/+BFCdShmG/RcxajYhJ5J8tEdTZaEjkulvWKw9pE6UumTS58M3g3hQjDVj:5O/+bzE3BjkV99C64u5o4JHpV

Score

10^/10

risepro discovery stealer

Malware Config

Extracted

Family

risepro

C2

193.233.132.67:5000

Targets

- Target
  
  LisectAVT_2403002A_419.exe
- Size
  
  4.8MB
- MD5
  
  42b90e270ab9cc4d1f6354045048b538
- SHA1
  
  080d0df0d03f707096cb974da2d683037e9cc63a
- SHA256
  
  e4883bfe1480181df3d2eb0e0a587be359260ee11a32176aab234eb707fe6f76
- SHA512
  
  fac869f426d33a58edf8af7b39b3615d774c951174f87ad9e61aee8e06457a95b81c8264db5e2632e7a4f0071cb509392dde14f0fbf212a5bb636852d249ca04
- SSDEEP
  
  49152:vQsLHy/+BFCdShmG/RcxajYhJ5J8tEdTZaEjkulvWKw9pE6UumTS58M3g3hQjDVj:5O/+bzE3BjkV99C64u5o4JHpV
Score

10^/10

risepro discovery stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

riseprodiscoverystealer