General

  • Target

    d9606515cb5a0414ff98b04e76b97152914c5bd343d26ef5d4a230cd70668368

  • Size

    3.0MB

  • Sample

    240403-plrq2add86

  • MD5

    071c7f1e098d3e1014f311b2d5ba8fd2

  • SHA1

    10be2d8cee9fa3fdbd950667fd880b3979e374d5

  • SHA256

    d9606515cb5a0414ff98b04e76b97152914c5bd343d26ef5d4a230cd70668368

  • SHA512

    91c7883ea98b31401b7be58f40f71d6e1b156e81461ce4d48d051c6a5f52b94e88c31a561c3639c5935ef5be9422cdebdd8094ef9d4756c265d8f2a456a97249

  • SSDEEP

    49152:TGQxXG0fvWpg3xl9KL2KWq5HvA7vblIN8Y+S4iP3UqPYs:KQxW04uL9KL2Dq5Hv0blk8YgqP

Score
10/10

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
