General
-
Target
37cb404d7ab5f26ee23a2003834d3c265a962a3c8368929ac8defe8f9bf93c94
-
Size
2.3MB
-
Sample
240428-cgw4qsdg67
-
MD5
58297b31cefbe6652bb001b8889110e0
-
SHA1
84034b14410384032d159126c1c0e8c2212f6cf3
-
SHA256
37cb404d7ab5f26ee23a2003834d3c265a962a3c8368929ac8defe8f9bf93c94
-
SHA512
59ea98be0c66aba04d4e92901eb546e2814f31c9187d4845dda6a64495e06a92b5c4bb74a99fd71304e1915a6d8137b4baffcb4b8a19c208dd210e4a942c9e65
-
SSDEEP
49152:0g69SebPPiKgYyq3fLYYkOX4keD80qW/hTRhsGEgIXGyd4o:0g69Sebi83fLYYkt/80t/FohGy
Malware Config
Targets
-
-
Target
37cb404d7ab5f26ee23a2003834d3c265a962a3c8368929ac8defe8f9bf93c94
-
Size
2.3MB
-
MD5
58297b31cefbe6652bb001b8889110e0
-
SHA1
84034b14410384032d159126c1c0e8c2212f6cf3
-
SHA256
37cb404d7ab5f26ee23a2003834d3c265a962a3c8368929ac8defe8f9bf93c94
-
SHA512
59ea98be0c66aba04d4e92901eb546e2814f31c9187d4845dda6a64495e06a92b5c4bb74a99fd71304e1915a6d8137b4baffcb4b8a19c208dd210e4a942c9e65
-
SSDEEP
49152:0g69SebPPiKgYyq3fLYYkOX4keD80qW/hTRhsGEgIXGyd4o:0g69Sebi83fLYYkt/80t/FohGy
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-