General

  • Target

    f41da10d59329cf1acdd946d0c5abde3c4300288b45fd86db6bb558eb03be82d

  • Size

    2.9MB

  • Sample

    240408-abzlkaae6z

  • MD5

    ef514b6f162b09db148a72a2b9446a47

  • SHA1

    13ef60f6d8956d4d9d9c59c40a76514aff4a247d

  • SHA256

    f41da10d59329cf1acdd946d0c5abde3c4300288b45fd86db6bb558eb03be82d

  • SHA512

    2c9951bb8c3aaeabaaca130dd4753f80f40643c737203d178687825d84e474353b1c5c89b55ad0e0680fd552e2026e943477a4deab5a2d4016f303b30766b9bb

  • SSDEEP

    49152:3T53j4Un0SH3y7zh5+yhuj3smr5x0/Y9BxikfWW0VuWEMFlm6W/AahAQCtd:3TdEQbH3E5d8pr56u0kuV6Mlm6F4Abtd

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks