General
-
Target
92fd9bfc7c04e09762e8270bb9497e70c260862bc7e29e3c337fff9a6f583f60
-
Size
2.3MB
-
Sample
240425-hs7mhagf9s
-
MD5
48a67fd772d60ceccc25c7480cdb138a
-
SHA1
d71e9170aab9ca931170eaca055d4d57dad90f6c
-
SHA256
92fd9bfc7c04e09762e8270bb9497e70c260862bc7e29e3c337fff9a6f583f60
-
SHA512
17916f6d2c532f7758a171311647f14ad20e877c4d114aab628a2eeb84529c8db0705215fe4a7eafbabceb12cf19eefcd2d452c888af138802da64ae3f3ef0a7
-
SSDEEP
49152:Mg69SebPPiKgYyn7H4Yf+qBN98xF5o2eS/o+VmiP6X:Mg69SebiVHB2aNyXi2eS/o+VmG6X
Malware Config
Targets
-
-
Target
92fd9bfc7c04e09762e8270bb9497e70c260862bc7e29e3c337fff9a6f583f60
-
Size
2.3MB
-
MD5
48a67fd772d60ceccc25c7480cdb138a
-
SHA1
d71e9170aab9ca931170eaca055d4d57dad90f6c
-
SHA256
92fd9bfc7c04e09762e8270bb9497e70c260862bc7e29e3c337fff9a6f583f60
-
SHA512
17916f6d2c532f7758a171311647f14ad20e877c4d114aab628a2eeb84529c8db0705215fe4a7eafbabceb12cf19eefcd2d452c888af138802da64ae3f3ef0a7
-
SSDEEP
49152:Mg69SebPPiKgYyn7H4Yf+qBN98xF5o2eS/o+VmiP6X:Mg69SebiVHB2aNyXi2eS/o+VmG6X
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-