privateloader | a4bc2823a70589a9cddb9494d2cfbad3f43b5c22e7fff0624c04a3a8facb8baa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2025-05-07_2664bc1e653c15d3433aa10946e85266_black-basta_elex_luca-stealer
Size

1.3MB
Sample

250507-r9dkessybz
MD5

2664bc1e653c15d3433aa10946e85266
SHA1

3ab8eec430fc253eb79508eb5be37733f13888b7
SHA256

a4bc2823a70589a9cddb9494d2cfbad3f43b5c22e7fff0624c04a3a8facb8baa
SHA512

8a5b5cbc40b3c7de01507691cca828322931b608eb10f0efce538ebe986356bf5414adf7969b83c97f4d1d49ef914149800c2026247106cdcb44927c13b7abcf
SSDEEP

24576:NmmEs2wqfcRBxJCBEmAMpCOJMbgp2kvB1Pj5R+d3ThJgrU35Zln2i6:8dw/IyPxbgp2iB1Pju3TIrK5Zln2i6

Score

10^/10

privateloader risepro discovery loader persistence stealer

Malware Config

Extracted

Family

risepro

C2

194.49.94.152

Targets

- Target
  
  2025-05-07_2664bc1e653c15d3433aa10946e85266_black-basta_elex_luca-stealer
- Size
  
  1.3MB
- MD5
  
  2664bc1e653c15d3433aa10946e85266
- SHA1
  
  3ab8eec430fc253eb79508eb5be37733f13888b7
- SHA256
  
  a4bc2823a70589a9cddb9494d2cfbad3f43b5c22e7fff0624c04a3a8facb8baa
- SHA512
  
  8a5b5cbc40b3c7de01507691cca828322931b608eb10f0efce538ebe986356bf5414adf7969b83c97f4d1d49ef914149800c2026247106cdcb44927c13b7abcf
- SSDEEP
  
  24576:NmmEs2wqfcRBxJCBEmAMpCOJMbgp2kvB1Pj5R+d3ThJgrU35Zln2i6:8dw/IyPxbgp2iB1Pju3TIrK5Zln2i6
Score

10^/10

discovery persistence privateloader risepro loader stealer
- PrivateLoader
  PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
  loader privateloader
- Privateloader family
  privateloader
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Risepro family
  risepro
- Drops startup file
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

privateloaderrisepro

behavioral1

discoverypersistence

behavioral2

privateloaderriseprodiscoveryloaderpersistencestealer

	
		OSZAR »