General
-
Target
e1b150125d4bc8908c4a8440dea17942c68881827716cd028315e0496210dec2
-
Size
2.3MB
-
Sample
240423-ernapacg55
-
MD5
07d63d32d8b2ff0220d5bcc0c5c8d095
-
SHA1
6829e8121604e219f56b90028287c278ab9b984f
-
SHA256
e1b150125d4bc8908c4a8440dea17942c68881827716cd028315e0496210dec2
-
SHA512
7328c8b30078247602536c1fe41fff0eea4a822083285ef920bcfa57cd219770eabf3005361cae9e1fcf3f6a5f3b95c12b9d06db291a519c5f82e1277c7c0b2f
-
SSDEEP
49152:Cg69SebPPiKgYyC5N03uQ2me6j1KfvDhnf3lQ8wXAVJz6SWcGX:Cg69Sebi+0332SjwHNf9w0+5
Malware Config
Targets
-
-
Target
e1b150125d4bc8908c4a8440dea17942c68881827716cd028315e0496210dec2
-
Size
2.3MB
-
MD5
07d63d32d8b2ff0220d5bcc0c5c8d095
-
SHA1
6829e8121604e219f56b90028287c278ab9b984f
-
SHA256
e1b150125d4bc8908c4a8440dea17942c68881827716cd028315e0496210dec2
-
SHA512
7328c8b30078247602536c1fe41fff0eea4a822083285ef920bcfa57cd219770eabf3005361cae9e1fcf3f6a5f3b95c12b9d06db291a519c5f82e1277c7c0b2f
-
SSDEEP
49152:Cg69SebPPiKgYyC5N03uQ2me6j1KfvDhnf3lQ8wXAVJz6SWcGX:Cg69Sebi+0332SjwHNf9w0+5
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-