General
-
Target
7d5d93a5187a980c91b1afb766b61100a2de3695d642e76d1ed7aa6a5b262fc1
-
Size
2.3MB
-
Sample
240622-p97gdsygmd
-
MD5
f5a27171653d5895accd768b67d6f222
-
SHA1
3dcb08f2ff5f02915177141c12fcea29c77032f1
-
SHA256
7d5d93a5187a980c91b1afb766b61100a2de3695d642e76d1ed7aa6a5b262fc1
-
SHA512
113d9fd2e047b76669013dc4dd88f96f6ff64c8fcdf19c8ae17817311422d8f8a5139746a230e6178a6b7135d2aafbba4afde587915c770b75c85bcab7e3195b
-
SSDEEP
49152:5R+fYydPft7H+OrMFmxNNExWzGzXr9Uf3vGiIBlOLohpmw0Jvx6e8/eH:uYyVtRv2Xr6VIfOL0Ny6bW
Static task
static1
Behavioral task
behavioral1
Sample
7d5d93a5187a980c91b1afb766b61100a2de3695d642e76d1ed7aa6a5b262fc1.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-