General
-
Target
f9b974ee6b92e5721f43cb151da0909e2b66f9d713d274e53d16ccd8f9a778c8
-
Size
2.3MB
-
Sample
240425-dzykysed76
-
MD5
3ebad58a380374443e219e2c4d79c6ed
-
SHA1
c8cad2b1f4e27fb6ab0e44e8f3ae44b09636ad71
-
SHA256
f9b974ee6b92e5721f43cb151da0909e2b66f9d713d274e53d16ccd8f9a778c8
-
SHA512
fb0f49cef14e2d63a409f7e807de2d50e01ec6c4107b16e227fddf88026d4b3b01c35c1ef2ad05185f2de3c3a33a484cf72f15ccfa08341f90cd7e8f04d02fe9
-
SSDEEP
49152:Sg69SebPPiKgYygaSIX7iV1zICXEJiaNpoGp2kbhW3nMZRkFLGlx:Sg69SebiSkQ1RwXf2aW3nc2y
Malware Config
Targets
-
-
Target
f9b974ee6b92e5721f43cb151da0909e2b66f9d713d274e53d16ccd8f9a778c8
-
Size
2.3MB
-
MD5
3ebad58a380374443e219e2c4d79c6ed
-
SHA1
c8cad2b1f4e27fb6ab0e44e8f3ae44b09636ad71
-
SHA256
f9b974ee6b92e5721f43cb151da0909e2b66f9d713d274e53d16ccd8f9a778c8
-
SHA512
fb0f49cef14e2d63a409f7e807de2d50e01ec6c4107b16e227fddf88026d4b3b01c35c1ef2ad05185f2de3c3a33a484cf72f15ccfa08341f90cd7e8f04d02fe9
-
SSDEEP
49152:Sg69SebPPiKgYygaSIX7iV1zICXEJiaNpoGp2kbhW3nMZRkFLGlx:Sg69SebiSkQ1RwXf2aW3nc2y
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-