General

  • Target

    6e9bd8688af8b18bbc86bef1b09e3b64271294f552ea5ee0ee3a9297a315c9fb

  • Size

    3.0MB

  • Sample

    240403-ykjtgaah9t

  • MD5

    fda372087910a8d12cf5e1fc347edd12

  • SHA1

    0f03aa83097708db9c1591ecab6102a0d8eca989

  • SHA256

    6e9bd8688af8b18bbc86bef1b09e3b64271294f552ea5ee0ee3a9297a315c9fb

  • SHA512

    ad709e0187c82e225fc406b2a34dd80815e07f251d66d1ac21a63ac3e09202eed98e0a077df8c940875756aa9ae17d676d17ecab32e94b29a0a3faaab63dbcfd

  • SSDEEP

    49152:pWIN1CRg3dLCo1cr8c7i3k8mOMR0z2u8YWdrZTO7CzdO:pWU1CRg3p1cr8c7i3k8mOG0z2u8fd1Ts

Score
10/10

Malware Config

Targets

    • Target

      6e9bd8688af8b18bbc86bef1b09e3b64271294f552ea5ee0ee3a9297a315c9fb

    • Size

      3.0MB

    • MD5

      fda372087910a8d12cf5e1fc347edd12

    • SHA1

      0f03aa83097708db9c1591ecab6102a0d8eca989

    • SHA256

      6e9bd8688af8b18bbc86bef1b09e3b64271294f552ea5ee0ee3a9297a315c9fb

    • SHA512

      ad709e0187c82e225fc406b2a34dd80815e07f251d66d1ac21a63ac3e09202eed98e0a077df8c940875756aa9ae17d676d17ecab32e94b29a0a3faaab63dbcfd

    • SSDEEP

      49152:pWIN1CRg3dLCo1cr8c7i3k8mOMR0z2u8YWdrZTO7CzdO:pWU1CRg3p1cr8c7i3k8mOG0z2u8fd1Ts

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

MITRE ATT&CK Enterprise v15

Tasks