General
-
Target
4733862d78d2d2d1c582a46817a3c2584617207ff45ddb38f17898bfb7a40afd
-
Size
8.3MB
-
Sample
240425-myc3asaa6z
-
MD5
da944f8c0699e1fe25ebaae29daddcdc
-
SHA1
6ae866646dbbddbe1d8d7b752e8c81b32229e60e
-
SHA256
4733862d78d2d2d1c582a46817a3c2584617207ff45ddb38f17898bfb7a40afd
-
SHA512
9a312dc2b5573ab6df809b537592a535a4152e267b67427a248c8bd552418fa3d7b1b24f02ff5771be445623c0c7923e695d2e69882cf658d418ee76be8af8f1
-
SSDEEP
196608:Lt2abLZRTyPE7gJG52fnZBtLkSGYb/oeil7La23EdQuYbv:LIqLZtjgGKnsYseil7LHUdQBz
Malware Config
Extracted
risepro
193.233.132.253:50500
Targets
-
-
Target
4733862d78d2d2d1c582a46817a3c2584617207ff45ddb38f17898bfb7a40afd
-
Size
8.3MB
-
MD5
da944f8c0699e1fe25ebaae29daddcdc
-
SHA1
6ae866646dbbddbe1d8d7b752e8c81b32229e60e
-
SHA256
4733862d78d2d2d1c582a46817a3c2584617207ff45ddb38f17898bfb7a40afd
-
SHA512
9a312dc2b5573ab6df809b537592a535a4152e267b67427a248c8bd552418fa3d7b1b24f02ff5771be445623c0c7923e695d2e69882cf658d418ee76be8af8f1
-
SSDEEP
196608:Lt2abLZRTyPE7gJG52fnZBtLkSGYb/oeil7La23EdQuYbv:LIqLZtjgGKnsYseil7LHUdQBz
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-