risepro | 5ce4ff93aeb9a462e0e85133332a16daffb5120addcb372d44c9c87185d03d6b | Triage

Sharing

General

Target

SMTP Cracker 1.2 Pro Paid Version.exe
Size

2.5MB
Sample

240813-s68f3asckb
MD5

b9b860588258efc28f2bd6af1fab11a8
SHA1

bd0d1178092bdf36672e7c9eb81f2d9733ced932
SHA256

5ce4ff93aeb9a462e0e85133332a16daffb5120addcb372d44c9c87185d03d6b
SHA512

0d397743e400d81487695fa2bc73f3ad9b697aab9ea39bb2b4b1192d60a4b1ff62c7ee1f644f2a46f6e499bab1bbcef60dcbbb56c45bb31b477a88fdf8cd0e3c
SSDEEP

49152:M6OyggI/ynZmSzG+O/RWNEtUNkxP6s71pP6EFT6ODiwlL9EjUplJ+lkJ7pUS1s:M6OyggI6ZmSsxUNyP6s7HtEODiILqj2y

Score

10^/10

risepro discovery stealer

Malware Config

Extracted

Family

risepro

C2

101.99.92.169:50500

Targets

- Target
  
  SMTP Cracker 1.2 Pro Paid Version.exe
- Size
  
  2.5MB
- MD5
  
  b9b860588258efc28f2bd6af1fab11a8
- SHA1
  
  bd0d1178092bdf36672e7c9eb81f2d9733ced932
- SHA256
  
  5ce4ff93aeb9a462e0e85133332a16daffb5120addcb372d44c9c87185d03d6b
- SHA512
  
  0d397743e400d81487695fa2bc73f3ad9b697aab9ea39bb2b4b1192d60a4b1ff62c7ee1f644f2a46f6e499bab1bbcef60dcbbb56c45bb31b477a88fdf8cd0e3c
- SSDEEP
  
  49152:M6OyggI/ynZmSzG+O/RWNEtUNkxP6s71pP6EFT6ODiwlL9EjUplJ+lkJ7pUS1s:M6OyggI6ZmSsxUNyP6s7HtEODiILqj2y
Score

10^/10

risepro discovery stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

riseprodiscoverystealer

behavioral2

riseprodiscoverystealer