General

  • Target

    ff9da211cdc0f23889d7d41c8003131994e940bee134348ffef517a372a64777

  • Size

    3.0MB

  • Sample

    240616-rrckea1anq

  • MD5

    e2197bee5e8dc71cb12f9e1410dc356d

  • SHA1

    591dec2828d560463a7b32bf9b5b47e8a815af5a

  • SHA256

    ff9da211cdc0f23889d7d41c8003131994e940bee134348ffef517a372a64777

  • SHA512

    455ac316a9e582f455f14adeaa16b08fbbc783e4145ae910cfceedc461c57801b617b1c34d4fe6bc618d2fc3bdd30f56b937674b8a94698bd03dc4b909c36d05

  • SSDEEP

    49152:ZQJEzV0mR4dw1uJC/S2h0wLZN2DxiIq2dPUbcwosO+OQUKjdm:iJEzadw1usLtWRq2XwoKMK

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Drops file in Drivers directory

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and similar sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks