risepro | 4730950917457e7414519a6d7dc6c63b37ad09cb835f291456449fae95f67e1b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a16ae21452d2bc3fa746b98858e504c9.bin
Size

2.2MB
Sample

240202-b3yzsadcbq
MD5

4716125bb303f34e401dbb8827c25943
SHA1

1ffdb6799b47d15896a9f4c48e13ef903ab97100
SHA256

4730950917457e7414519a6d7dc6c63b37ad09cb835f291456449fae95f67e1b
SHA512

f0df9e72ee1b7583bbef6ebe8431f3c54ffbecf7ffdad38c174f89d55d1ce21d3d1c39fbbf5dde7419ff0eb2d03020934fe21bce86bcda5d674f9eeb6a4b272d
SSDEEP

49152:DWA8t7E7CqAMo33Cv51VBvZpZvSQICx8SsXfyp7ETL:qBWXArHChPBhpgnCxiY7EH

Score

10^/10

risepro evasion stealer

Malware Config

Extracted

Family

risepro

C2

193.233.132.62:50500

Targets

- Target
  
  bd2121f85a4f7cb088c427636f6fed7e02ed42d94e568f6de376be1774885fa4.exe
- Size
  
  2.2MB
- MD5
  
  a16ae21452d2bc3fa746b98858e504c9
- SHA1
  
  2719a638efd47cc5db565a8fe2b9b0f109845da9
- SHA256
  
  bd2121f85a4f7cb088c427636f6fed7e02ed42d94e568f6de376be1774885fa4
- SHA512
  
  e937e4d6caf36a6f42577ca9177398e44aa37783120131a76fc8a054180739dde476b5773253c1e1e0b696791470c3262395dec6d9a3be871c2c216b44c1b9c8
- SSDEEP
  
  49152:usJajYd6fpPfzz5lmFhSBt6jG6fyriTqxUmUSbWTdpY:usJSfpzzaE4jGGyJxUmQA
Score

10^/10

risepro evasion stealer
- RisePro
  RisePro stealer is an infostealer distributed by PrivateLoader.
  stealer risepro
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

riseproevasionstealer

behavioral2

riseproevasionstealer