Extracted

• • Target

    45658cfd5c86375a3f47d821c8c8bfc7.exe

  • Size

    16.3MB

  • MD5

    45658cfd5c86375a3f47d821c8c8bfc7

  • SHA1

    01dfdac7115839b4dabc96dfe381d7231010838c

  • SHA256

    eca8448d70d825863070e154190f163d6917ba1f696402d8ed20ffe0e59f1bf5

  • SHA512

    db04b682f245e749f7212a2ea0a4f8adcc202f8a6867fc5547f8ce53b8eb62a2c3a3cae2d4230aba933e9fff284766f5a125fae260b35ac9cb883e33cce4036c

  • SSDEEP

    49152:Ix1BZ/3KMJESGkP9bKJPUyN1RL7HDUq1373ht:+bZ/6JSGkPRwPU2R3Q63h

  Score

  10^/10

  riseprodiscoverystealer

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Enumerates processes with tasklist

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2