General
-
Target
1000988d6280a52ddfb2e54a13cf08169df5f30854c172a65bceadefd425e950
-
Size
3.0MB
-
Sample
240314-fgclwadb86
-
MD5
1cf0b09fafafb5dc3cc7922ff9153602
-
SHA1
bd8fc029a33f16f3370a90e285e084793195835c
-
SHA256
1000988d6280a52ddfb2e54a13cf08169df5f30854c172a65bceadefd425e950
-
SHA512
e78069947903a748e23cf3e6309aa4510434416dafdceee5dd0d930f6b96195089ab4bacc0a6e86149373a4ac6656d4b65223d2a32b9b68bad784b44e1c1b13d
-
SSDEEP
49152:AQdN4YQz03BC5Hpb/+6KfnsdkNkDb0WGA5xqyh:tdeYfxC5Jb/+6KfnFNkDbRvxq
Static task
static1
Behavioral task
behavioral1
Sample
1000988d6280a52ddfb2e54a13cf08169df5f30854c172a65bceadefd425e950.exe
Resource
win7-20240221-en
Malware Config
Extracted
risepro
193.233.132.62:50500
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-