General

  • Target

    0df9e33d12c57e7ab1c77dce0c3bb3b518f615f1645793c1ef270403b9209f77

  • Size

    3.0MB

  • Sample

    240411-18rkbsac2x

  • MD5

    08cf56dc5537141790eb28a8cd0f0031

  • SHA1

    826ced95a4b3b1d2b2986cde103b1aba385ddbc2

  • SHA256

    0df9e33d12c57e7ab1c77dce0c3bb3b518f615f1645793c1ef270403b9209f77

  • SHA512

    95b21f5e2111c5721f90f900763563222ca86adf5180da8582c39af983f96d26b4759e81a28fff8fdc557e176d7779d502701502535462c3f912e24aaa6d39f0

  • SSDEEP

    98304:K6DSUEmbB2Sg4G3I8yFvh1piX+APE2bPjPmyFTa:hDSUHB2SgNF2hOd50

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
