General
-
Target
f66982ef9722a703fd887bf33ab18e34daf6217aeb40befc13a6458d65a2d13e
-
Size
2.3MB
-
Sample
240428-ce4qssdg27
-
MD5
88dbe96fc7926ed84796eadb4898d5bd
-
SHA1
5c8a6123130a8ce808e48585a723b97974a12060
-
SHA256
f66982ef9722a703fd887bf33ab18e34daf6217aeb40befc13a6458d65a2d13e
-
SHA512
c18ea4b639cde8e2aad12e1f8da4e3365e9154197c7e4962d20cd422b8ed55ee8329f17091d460eede0c11281671383730296caa8851d80334d2b1d64036e4aa
-
SSDEEP
49152:qg69SebPPiKgYy6S1dWscTyKIWOQvs4n+xWPyZVVJuqyYbveUqAqeeRl:qg69SebiIodWv/OQvz+x2KrljeUq/R
Malware Config
Targets
-
-
Target
f66982ef9722a703fd887bf33ab18e34daf6217aeb40befc13a6458d65a2d13e
-
Size
2.3MB
-
MD5
88dbe96fc7926ed84796eadb4898d5bd
-
SHA1
5c8a6123130a8ce808e48585a723b97974a12060
-
SHA256
f66982ef9722a703fd887bf33ab18e34daf6217aeb40befc13a6458d65a2d13e
-
SHA512
c18ea4b639cde8e2aad12e1f8da4e3365e9154197c7e4962d20cd422b8ed55ee8329f17091d460eede0c11281671383730296caa8851d80334d2b1d64036e4aa
-
SSDEEP
49152:qg69SebPPiKgYy6S1dWscTyKIWOQvs4n+xWPyZVVJuqyYbveUqAqeeRl:qg69SebiIodWv/OQvz+x2KrljeUq/R
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-