General
-
Target
8421a89bf4389541abca4a188496c1c0c4a181383d2bf2d1390c1b875b13fa84
-
Size
2.3MB
-
Sample
240425-mxff2aaa78
-
MD5
e0fc8121a336cae8edeebe6c66c1db89
-
SHA1
e027c87b5da68e155c5fd312901647130e1b7826
-
SHA256
8421a89bf4389541abca4a188496c1c0c4a181383d2bf2d1390c1b875b13fa84
-
SHA512
031b0dc0d516c7f964e0bb19161f1dcefdeb333ec1de7ea45799e18ac99d52f225501ce48f0b805d477c12e2adfafdc15f68a9fab1ad837bd7d6165698f91d24
-
SSDEEP
49152:eg69SebPPiKgYy2rTe5+yfxZEOntddUZSbvacopubGOWUm:eg69SebiQe0yfIOntr0SbvzWubGOWU
Malware Config
Targets
-
-
Target
8421a89bf4389541abca4a188496c1c0c4a181383d2bf2d1390c1b875b13fa84
-
Size
2.3MB
-
MD5
e0fc8121a336cae8edeebe6c66c1db89
-
SHA1
e027c87b5da68e155c5fd312901647130e1b7826
-
SHA256
8421a89bf4389541abca4a188496c1c0c4a181383d2bf2d1390c1b875b13fa84
-
SHA512
031b0dc0d516c7f964e0bb19161f1dcefdeb333ec1de7ea45799e18ac99d52f225501ce48f0b805d477c12e2adfafdc15f68a9fab1ad837bd7d6165698f91d24
-
SSDEEP
49152:eg69SebPPiKgYy2rTe5+yfxZEOntddUZSbvacopubGOWUm:eg69SebiQe0yfIOntr0SbvzWubGOWU
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-