General
-
Target
f863465eb55cffc0feada8789f825e7f597f3ffab0987dea31510f471961d461
-
Size
5.7MB
-
Sample
240430-lpkkcahc39
-
MD5
15cadd15b0a9aaa2fd551da56d8941f6
-
SHA1
b1608f216ba2aafea9327ac8e47009ceaf69ec06
-
SHA256
f863465eb55cffc0feada8789f825e7f597f3ffab0987dea31510f471961d461
-
SHA512
b948190804951c70d286735efd35bffba2016130c7bc986a5d6e1dbc7e51851329a5b9a5ec18e7cbc9dc408009866658f54aafedf5fc54ceb23768d96251e8b1
-
SSDEEP
98304:VFveMolnlWis7IV/vH7rtLay8N2Vu74RwddGB7STFXZw5p+oHcUVAI25q0u:VxDoln4isu/vH7rh2l4RwdvJ88RI25lu
Static task
static1
Behavioral task
behavioral1
Sample
f863465eb55cffc0feada8789f825e7f597f3ffab0987dea31510f471961d461.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
risepro
193.233.132.253:50500
Targets
-
-
Target
f863465eb55cffc0feada8789f825e7f597f3ffab0987dea31510f471961d461
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-