General
-
Target
24b76ac1bc1dc95352d2a1ad69ec71009a1074862bf99785375cece24fef1be5
-
Size
2.3MB
-
Sample
240425-pprv7sag56
-
MD5
dc64b8e9db9e657f0a7ee5cd27101015
-
SHA1
d63fd2770559f8da5c4d0bc5c63f300c5066e902
-
SHA256
24b76ac1bc1dc95352d2a1ad69ec71009a1074862bf99785375cece24fef1be5
-
SHA512
62919900bbe4118ab371ea820a55c48f0b562338b73c8d67344b8dae6d98a048066d6a8b1f9a04b14b9ae568a662a56aeb1f24f22c69aab314cf66fc5d4e596e
-
SSDEEP
49152:zg69SebPPiKgYycpo3oZFSTYtTKod4/ja13QrWWI7dLetFiZiRvCJHY:zg69SebierFSkv4zrWHdLeeZi4JH
Malware Config
Targets
-
-
Target
24b76ac1bc1dc95352d2a1ad69ec71009a1074862bf99785375cece24fef1be5
-
Size
2.3MB
-
MD5
dc64b8e9db9e657f0a7ee5cd27101015
-
SHA1
d63fd2770559f8da5c4d0bc5c63f300c5066e902
-
SHA256
24b76ac1bc1dc95352d2a1ad69ec71009a1074862bf99785375cece24fef1be5
-
SHA512
62919900bbe4118ab371ea820a55c48f0b562338b73c8d67344b8dae6d98a048066d6a8b1f9a04b14b9ae568a662a56aeb1f24f22c69aab314cf66fc5d4e596e
-
SSDEEP
49152:zg69SebPPiKgYycpo3oZFSTYtTKod4/ja13QrWWI7dLetFiZiRvCJHY:zg69SebierFSkv4zrWHdLeeZi4JH
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-