General
-
Target
b4067d0eb04dbd3387f917a6bc6512effedd47a6cc92a6d4aab0a0dacfae7caf
-
Size
3.0MB
-
Sample
240315-mb16lsgb53
-
MD5
715d1a17f9d5bbcd3c2857feff5acbda
-
SHA1
851e51e34d1507f5442268b76838079b1d440aff
-
SHA256
b4067d0eb04dbd3387f917a6bc6512effedd47a6cc92a6d4aab0a0dacfae7caf
-
SHA512
82ebbe90386af240ddda0122f97de6fa2becfee1812a7c28c657f2debd3c1af5db362d39050eeb6ad88fcd6bc9c470e8aa07d278bfda57440029edeefe38edcc
-
SSDEEP
49152:0xWVla92C7Mq/rY/Q/ZYQny0UyGd8n+fdAhY3:0GAYqD3/ZhyTIhY3
Static task
static1
Behavioral task
behavioral1
Sample
b4067d0eb04dbd3387f917a6bc6512effedd47a6cc92a6d4aab0a0dacfae7caf.exe
Resource
win7-20240215-en
Malware Config
Extracted
risepro
193.233.132.62
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.