General
-
Target
682801ba03f285dc2e97378ca30161e1c91e7ca1b939ec837c75d0e9606c9133.exe
-
Size
3.0MB
-
Sample
240312-c88xlsea5s
-
MD5
a52e6a83c5770c4790a775be0b3c49e9
-
SHA1
3d3dfb6b69a1977002ec8e9f3a508dd8a9ed1e37
-
SHA256
682801ba03f285dc2e97378ca30161e1c91e7ca1b939ec837c75d0e9606c9133
-
SHA512
6fb4c5867d8b278880dc6c15c0abf0d4a98bf3e0814d4a0fea3dbd3f73ca11c1ea6de0717055a532a25ffaddab8fd415fe3f732542443b8c5f80ef46e34db744
-
SSDEEP
98304:TFiSBuQ30LQ8hm6D+yAkojJv1pLVXQkv58:3BuQERk
Malware Config
Extracted
risepro
193.233.132.62
Targets
-
-
Target
682801ba03f285dc2e97378ca30161e1c91e7ca1b939ec837c75d0e9606c9133.exe
-
Size
3.0MB
-
MD5
a52e6a83c5770c4790a775be0b3c49e9
-
SHA1
3d3dfb6b69a1977002ec8e9f3a508dd8a9ed1e37
-
SHA256
682801ba03f285dc2e97378ca30161e1c91e7ca1b939ec837c75d0e9606c9133
-
SHA512
6fb4c5867d8b278880dc6c15c0abf0d4a98bf3e0814d4a0fea3dbd3f73ca11c1ea6de0717055a532a25ffaddab8fd415fe3f732542443b8c5f80ef46e34db744
-
SSDEEP
98304:TFiSBuQ30LQ8hm6D+yAkojJv1pLVXQkv58:3BuQERk
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-