risepro | fed4b8157c4471160e3ff8221e2be9bc21b85dde8769c3cbe65ff9a20361ecc6 | Triage

Sharing

General

Target

fed4b8157c4471160e3ff8221e2be9bc21b85dde8769c3cbe65ff9a20361ecc6.exe
Size

1.4MB
Sample

250318-me4e5stmv7
MD5

3143d8834657c3348958f11ec96d5cc2
SHA1

97e43ab9cbdfe320f97c722248feb4c0f8112011
SHA256

fed4b8157c4471160e3ff8221e2be9bc21b85dde8769c3cbe65ff9a20361ecc6
SHA512

35b8b2aaa9d84e8889169468a632f0653d1a833c118ba60e4f40b3bcd5e26373719f505d6ddaadee52f7c429ca47f9b5a0310f54ba0a99a72780ab2e5485a657
SSDEEP

24576:Ogn/o/5w4sDWEshvKBVyeNe6LSGVQOaKvBcQwr1uiEwck9ZcyM43tn+d2YPZjOiM:O2/yLsWhK3yeNTLSXCBDwr1uiEwckjcy

Score

10^/10

risepro discovery stealer

Malware Config

Extracted

Family

risepro

C2

217.195.207.156:50500

Targets

- Target
  
  fed4b8157c4471160e3ff8221e2be9bc21b85dde8769c3cbe65ff9a20361ecc6.exe
- Size
  
  1.4MB
- MD5
  
  3143d8834657c3348958f11ec96d5cc2
- SHA1
  
  97e43ab9cbdfe320f97c722248feb4c0f8112011
- SHA256
  
  fed4b8157c4471160e3ff8221e2be9bc21b85dde8769c3cbe65ff9a20361ecc6
- SHA512
  
  35b8b2aaa9d84e8889169468a632f0653d1a833c118ba60e4f40b3bcd5e26373719f505d6ddaadee52f7c429ca47f9b5a0310f54ba0a99a72780ab2e5485a657
- SSDEEP
  
  24576:Ogn/o/5w4sDWEshvKBVyeNe6LSGVQOaKvBcQwr1uiEwck9ZcyM43tn+d2YPZjOiM:O2/yLsWhK3yeNTLSXCBDwr1uiEwckjcy
Score

10^/10

discovery risepro stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Risepro family
  risepro
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

riseprodiscoverystealer