General

  • Target

    7b0383f36b4989b7580e6af8dcbc0e03d783f2c41d64805b16f807dea035d6f1

  • Size

    2.3MB

  • Sample

    240624-1b2c9swclj

  • MD5

    84f2db2acef926f4e8b5f4925f434401

  • SHA1

    1dfedf5dd119a740b1970a75c398c11fb09a5707

  • SHA256

    7b0383f36b4989b7580e6af8dcbc0e03d783f2c41d64805b16f807dea035d6f1

  • SHA512

    99fa458eddcf4a095e9a3f10cb5521258cabd5b1e1d7b2bc6f466d49e8ad43da5ca781d831be3c2d9faba53f18eaac9a0deb949980ab4669edc3693419c141ce

  • SSDEEP

    49152:TGpvB4PYh2QLfvCXt4FzUmGfgUwE7bzbyeIj:TW4e2QLe21klvzG

Score
10/10

Malware Config

Extracted

Family

risepro

C2

77.91.77.66:58709

Targets

    • Target

      7b0383f36b4989b7580e6af8dcbc0e03d783f2c41d64805b16f807dea035d6f1

    Score
    10/10
    • RisePro

      RisePro is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops debug events from the calling thread being delivered to an attached debugger, a common anti-debugging technique.
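The four anti-analysis signatures above can be recovered from an API trace rather than only from the sandbox verdict. The following script is an added example, not part of the original report or of any sandbox vendor's code: it scans constructed trace lines for registry reads of VirtualBox ACPI tables, BIOS description values and Wine keys, and for NtSetInformationThread calls with ThreadHideFromDebugger. The trace line format is hypothetical, and the registry paths are the well-known locations these checks typically read; the report itself does not list them, so they are an assumption.

```python
"""
Flag anti-VM, anti-sandbox and anti-debug behaviour in a sandbox API trace.

The trace format and the sample lines below are constructed for this
example. The registry paths are the usual locations read by VirtualBox,
BIOS and Wine checks and are an assumption, since the report does not
enumerate them.
"""
import re
from collections import defaultdict

# Hypothetical trace line: "<pid> <api>(<args>)"
TRACE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)$")

# Registry paths commonly touched by each check (assumption, not from the report).
INDICATORS = {
    # VirtualBox leaves its OEM ID in the ACPI table keys.
    "vbox_acpi": re.compile(r"HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.I),
    # BIOS vendor/date strings reveal hypervisors and sandbox images.
    "bios_info": re.compile(
        r"HARDWARE\\DESCRIPTION\\System\b.*?"
        r"(SystemBiosVersion|SystemBiosDate|VideoBiosVersion)", re.I),
    # Wine exposes its configuration under Software\Wine.
    "wine_keys": re.compile(r"SOFTWARE\\Wine\\", re.I),
}
REGISTRY_APIS = {"RegOpenKeyExW", "RegQueryValueExW", "NtOpenKey", "NtQueryValueKey"}

# THREADINFOCLASS value for ThreadHideFromDebugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11


def classify(line):
    """Return the indicator name a single trace line matches, or None."""
    m = TRACE_RE.match(line.strip())
    if not m:
        return None
    api, args = m["api"], m["args"]
    if api in REGISTRY_APIS:
        for name, rx in INDICATORS.items():
            if rx.search(args):
                return name
    if api == "NtSetInformationThread":
        # Args are assumed to carry "ThreadInformationClass=<hex or decimal>".
        cls = re.search(r"ThreadInformationClass=(0x[0-9a-fA-F]+|\d+)", args)
        if cls and int(cls.group(1), 0) == THREAD_HIDE_FROM_DEBUGGER:
            return "hide_from_debugger"
    return None


def scan(trace_lines):
    """Map each indicator to the 1-based trace line numbers that triggered it."""
    hits = defaultdict(list)
    for lineno, line in enumerate(trace_lines, 1):
        tag = classify(line)
        if tag:
            hits[tag].append(lineno)
    return dict(hits)


# Constructed sample trace: three anti-VM/sandbox registry reads, one benign
# registry read, one anti-debug call and one unrelated file access.
SAMPLE_TRACE = [
    r'1234 RegOpenKeyExW(HKLM, "HARDWARE\ACPI\DSDT\VBOX__")',
    r'1234 RegQueryValueExW(HKLM\HARDWARE\DESCRIPTION\System, "SystemBiosVersion")',
    r'1234 RegOpenKeyExW(HKCU, "SOFTWARE\Wine\Drives")',
    r'1234 RegOpenKeyExW(HKLM, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run")',
    r'1234 NtSetInformationThread(ThreadHandle=0xfc, ThreadInformationClass=0x11, ThreadInformation=0x0, Length=0)',
    r'1234 CreateFileW("C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data")',
]

if __name__ == "__main__":
    for name, lines in sorted(scan(SAMPLE_TRACE).items()):
        print(f"{name:20s} trace lines {lines}")
```

Run against a real trace, the benign registry read on line 4 and the browser credential-store access on line 6 are deliberately left unflagged: the script only attributes the four evasion behaviours the report names, so additional stealer activity would need its own indicators.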

MITRE ATT&CK Enterprise v15
