General

  • Target

    568bca18a7a10c2946fd13add1ea48fbbe8136be83aae3e1160ccc99be81ab3e.exe

  • Size

    2.0MB

  • Sample

    240408-n1qlvagd99

  • MD5

    78c51173c7c54100efb7d048fc8e827b

  • SHA1

    7957bff0adaddbcc73c6b9b278ef2d85e2563e60

  • SHA256

    568bca18a7a10c2946fd13add1ea48fbbe8136be83aae3e1160ccc99be81ab3e

  • SHA512

    a526644ed266b9086ed76e64699895ba38d60c51260c1b1a380d7fe798dd9a43ed02f891e797dcb807cae631a42bbf2048d875c64e0d0c7aeb9474b644169085

  • SSDEEP

    49152:By5er9fzkC23IfRUARWxzHVqwfvgmVt5qI1:B4QucHWVngy5qI1

Score
10/10

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
