General

  • Target

    77bcd8a16ac4ea65b09e524fc06d6ba35159c78fea96455f47ea90bc0594b9d8

  • Size

    3.1MB

  • Sample

    240403-nh9xrsce4y

  • MD5

    5ab991bae423ad9caeac0296ff614c55

  • SHA1

    4bc2248ad83e3ff22d438e6d1d22458076cf1f42

  • SHA256

    77bcd8a16ac4ea65b09e524fc06d6ba35159c78fea96455f47ea90bc0594b9d8

  • SHA512

    5fe878e422e7a6ee915b4816c27d4f38553ec96bc339a133f2c4e7c7ba3ea7a8e56870c7ae61327c3fb381c061571ad86bbcc722a6329802e57e4b11c0fbe072

  • SSDEEP

    49152:Xby6hdUAx0oBS+kF2KN2h0gXD5do6uqrwWpCwS:Ly6hdF0cS+Cuh0gX9do6uPQCw

Score
10/10

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
