General
-
Target
fd3486dc53a822a6dcc47579d92b5966a168151f2fc66636f4640915f83d015f
-
Size
2.3MB
-
Sample
240427-2et9ssac7x
-
MD5
3d616a9857f08016be670ac2ec760830
-
SHA1
974963a3875e020954e0de6dea423b9441413636
-
SHA256
fd3486dc53a822a6dcc47579d92b5966a168151f2fc66636f4640915f83d015f
-
SHA512
81c44f17c8e6bfdfc48b56cfe528b083c9f2015451151c1015f0c640c8a5158f34b6a09356b0ff400608e882c27ab4e0b03b704f755d4da581640c5623a12de1
-
SSDEEP
49152:ug69SebPPiKgYyPsXPn8+5Aptz+5ZmKsEHmBmMQem4KmVz9zyut:ug69SebiMn8OOx+bmOHmmuJRNNt
Malware Config
Targets
-
-
Target
fd3486dc53a822a6dcc47579d92b5966a168151f2fc66636f4640915f83d015f
-
Size
2.3MB
-
MD5
3d616a9857f08016be670ac2ec760830
-
SHA1
974963a3875e020954e0de6dea423b9441413636
-
SHA256
fd3486dc53a822a6dcc47579d92b5966a168151f2fc66636f4640915f83d015f
-
SHA512
81c44f17c8e6bfdfc48b56cfe528b083c9f2015451151c1015f0c640c8a5158f34b6a09356b0ff400608e882c27ab4e0b03b704f755d4da581640c5623a12de1
-
SSDEEP
49152:ug69SebPPiKgYyPsXPn8+5Aptz+5ZmKsEHmBmMQem4KmVz9zyut:ug69SebiMn8OOx+bmOHmmuJRNNt
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-