General

  • Target

    2e537b9cdb3a88e3af4fdd84eff43e83e52a425677cead17be4c133c37f9632c

  • Size

    3.0MB

  • Sample

    240403-xg2pfahh49

  • MD5

    7fb73bf9ec519f78cdc0acbb3f3f1bb7

  • SHA1

    4690395ed43c5a8b9580746929466f249ef7d84b

  • SHA256

    2e537b9cdb3a88e3af4fdd84eff43e83e52a425677cead17be4c133c37f9632c

  • SHA512

    8ad884529b105754375e72b13e24b51afab6a719b42cdbffab14f81bac513ef2f9ff1af96c7147dfd7bcec22bc661243022070c1e3bc8955e0d32a46d8f6ca49

  • SSDEEP

    49152:amUl5eHtY9C/YxaLRVH66idcKYlz/ynJFMS:amAk4aLRF669KYlz/0M

Score
10/10

Malware Config

Targets

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

MITRE ATT&CK Enterprise v15

Tasks