General

  • Target

    3465b8401f4a4fdf430a1d9b290fdc5eb0b14c65e59f1a8d22d2326e6b8901cc

  • Size

    2.0MB

  • Sample

    240319-z9hhdaga72

  • MD5

    288efaa07033b852144f21b84879e7ee

  • SHA1

    b73ec50804af41d300151b01ff2b045e21151047

  • SHA256

    3465b8401f4a4fdf430a1d9b290fdc5eb0b14c65e59f1a8d22d2326e6b8901cc

  • SHA512

    51c7e2dd02418d7324670bc0a9698e801ee910397d8c7f285c38daed2df74534c978ae6fec8ae095473cf4916eccc3715c788c45d4a4216ce2c76d7ea02e8d81

  • SSDEEP

    49152:pB5LeDUUNAK0R8s7nDf5L+vpJ010HFUX20h3g/eVykcHJNs6NEx:p/LewUNAKJKDNEESK/9GNpCyE

Score
10/10

Malware Config

Extracted

Family

risepro

C2

193.233.132.74:58709

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
