General
-
Target
db80ceb2d05e827f26a32f82ca37a2ac9254a2b894d901bc4f6bbe4d83de2504
-
Size
2.4MB
-
Sample
240623-njat3aygma
-
MD5
ccb1a7f6ca5cc76bdd2675771b5ca626
-
SHA1
114b9d898f0050db7f03ec982251cc3aa77c312b
-
SHA256
db80ceb2d05e827f26a32f82ca37a2ac9254a2b894d901bc4f6bbe4d83de2504
-
SHA512
1192ed72fd835bb0403a6a305649c0809bd77a9129f4edaf9a4d07793a01ab68f58773a846c975d66d2f1c51998aa0cddb3673008fc18311b7f14ba1c514b041
-
SSDEEP
49152:Et5nXMl9ezR2FnAufqvBT+l3JrU6qstC1vV3opexenvubSr:Q5XV42UJA61Ppex6mb
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
-
Target
db80ceb2d05e827f26a32f82ca37a2ac9254a2b894d901bc4f6bbe4d83de2504
-
Size
2.4MB
-
MD5
ccb1a7f6ca5cc76bdd2675771b5ca626
-
SHA1
114b9d898f0050db7f03ec982251cc3aa77c312b
-
SHA256
db80ceb2d05e827f26a32f82ca37a2ac9254a2b894d901bc4f6bbe4d83de2504
-
SHA512
1192ed72fd835bb0403a6a305649c0809bd77a9129f4edaf9a4d07793a01ab68f58773a846c975d66d2f1c51998aa0cddb3673008fc18311b7f14ba1c514b041
-
SSDEEP
49152:Et5nXMl9ezR2FnAufqvBT+l3JrU6qstC1vV3opexenvubSr:Q5XV42UJA61Ppex6mb
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-