General
-
Target
42c552fa591fe64e7bc17648ce4cd740a274b8a10d7fde379fe979901a5356cf
-
Size
3.0MB
-
Sample
240315-j8jfaadh42
-
MD5
68931a5ceadffdad9b18917dc1ab3232
-
SHA1
fe8dcffc7de6e86cdfb6d175140bc7c5b1548d5a
-
SHA256
42c552fa591fe64e7bc17648ce4cd740a274b8a10d7fde379fe979901a5356cf
-
SHA512
c49c26c3127bab789fe2f8c5f4abbfe6f2c21e46ba5c7c914a6453dcc745925b619402a19716fbbcadd716415c3144338f1ecc3322015cd67ece7ffb6da51564
-
SSDEEP
49152:8fmC5FPiJBOnjn52v0lnbqDMZziJcbn+bkbjoX1cCN:8+C/PiJBijn52v0lnbqDE1jykH6
Static task
static1
Behavioral task
behavioral1
Sample
42c552fa591fe64e7bc17648ce4cd740a274b8a10d7fde379fe979901a5356cf.exe
Resource
win7-20240215-en
Malware Config
Extracted
risepro
193.233.132.62
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-