Extracted

• • Target

    8542d40fbb873286565f5092f51fe29ab0ea8e890344b0a6a7aa6bd498da7f07

  • Size

    12.3MB

  • MD5

    525fdd584d9eb2256aba1d88d36ad76a

  • SHA1

    dc9374f8e849eaae9ba18082219e98ddd9ab4fd6

  • SHA256

    8542d40fbb873286565f5092f51fe29ab0ea8e890344b0a6a7aa6bd498da7f07

  • SHA512

    e1d5a2fc20f7234555b98fee7c17fc29b78d587cb1338252d28074a27d82612d6b3ee5d16e88c6b7b929c76cf2e3754039f6e570ef4732325aaafb39e11ac627

  • SSDEEP

    49152:Ix1BZ/3KMJESGkP9bKJPUyN1RL7HDUq1373ht:+bZ/6JSGkPRwPU2R3Q63h

  Score

  10^/10

  riseprodiscoverystealer

  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

    stealerrisepro

  • Risepro family

    risepro

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Enumerates processes with tasklist

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2