Extracted

• • Target

    ee6ee03724690a677d4bf2610ea86d94eaeb94068d627fe36ec2f0353cc1c9ba.exe

  • Size

    18.3MB

  • MD5

    33ff8752083bf6b5105749bf5b772b4a

  • SHA1

    01f8869d2fcd4ff1184dfc956905e01eb15f0d92

  • SHA256

    ee6ee03724690a677d4bf2610ea86d94eaeb94068d627fe36ec2f0353cc1c9ba

  • SHA512

    26445b94571fb374b57bb0ee129a8e7fc624e7c3d315a6a6fc0f165f33fa593e90932ef4e5bb0faa7b91f9f1647fc62d1027e7bc58947da4ecdde11745104c7a

  • SSDEEP

    49152:Ix1BZ/3KMJESGkP9bKJPUyN1RL7HDUq1373ht:+bZ/6JSGkPRwPU2R3Q63h

  Score

  10^/10

  riseprodiscoverystealer

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Enumerates processes with tasklist

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2