General
-
Target
3e780939e5f3f72c1f2fd8370e5c4347005c1e3c829649541c16f629e5f0243e
-
Size
2.3MB
-
Sample
240429-vcja7afh4y
-
MD5
71caf5539d818023814310eca8287720
-
SHA1
bbadd265f7a6c09da47e9f06e7ae8b3948a3c9a0
-
SHA256
3e780939e5f3f72c1f2fd8370e5c4347005c1e3c829649541c16f629e5f0243e
-
SHA512
75e69e920afe1015ae9085145066340c63f761d2bdd451e59d31476b52edf570eb1e3114742da3480f86c41d4b0f7ccc48a7625ef0a0036952f9323770a36b79
-
SSDEEP
49152:Vg69SebPPiKgYyQzwEnXplAwcpya79X2XB1C5CgS5VytoNo9E:Vg69SebianXpedSfTt5wtV9
Static task
static1
Behavioral task
behavioral1
Sample
3e780939e5f3f72c1f2fd8370e5c4347005c1e3c829649541c16f629e5f0243e.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-