General
-
Target
a4815fa95df2939a9cacdf2fb4ed98fb2007288bc8f174c38e053b472ba5b493
-
Size
2.3MB
-
Sample
240425-fj8gbsfh4z
-
MD5
8dbb19d07d9a5acea7eee217e69a2260
-
SHA1
416f99374bab22c90597645a1c699a5b8afeadf6
-
SHA256
a4815fa95df2939a9cacdf2fb4ed98fb2007288bc8f174c38e053b472ba5b493
-
SHA512
9fefdde8a799f790b7a37ebe0101ab180bd65141e0ac250879f09c596827a0d2ef41ee29e3878b7f033cb48dd84304d15813379a25f6db1b661970bfbce3fe51
-
SSDEEP
49152:rg69SebPPiKgYyo2ChartqgK438xT55QTU89yFZIK4L4OZ/V6KTGu6FT:rg69SebiLChst/Tk55u2FZYBZ/V6YGu+
Malware Config
Targets
-
-
Target
a4815fa95df2939a9cacdf2fb4ed98fb2007288bc8f174c38e053b472ba5b493
-
Size
2.3MB
-
MD5
8dbb19d07d9a5acea7eee217e69a2260
-
SHA1
416f99374bab22c90597645a1c699a5b8afeadf6
-
SHA256
a4815fa95df2939a9cacdf2fb4ed98fb2007288bc8f174c38e053b472ba5b493
-
SHA512
9fefdde8a799f790b7a37ebe0101ab180bd65141e0ac250879f09c596827a0d2ef41ee29e3878b7f033cb48dd84304d15813379a25f6db1b661970bfbce3fe51
-
SSDEEP
49152:rg69SebPPiKgYyo2ChartqgK438xT55QTU89yFZIK4L4OZ/V6KTGu6FT:rg69SebiLChst/Tk55u2FZYBZ/V6YGu+
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-