General
-
Target
86f933e386a970e1856a615b30ea02aca102d0b71e89bb3e29d7bc8d289a5f72
-
Size
2.3MB
-
Sample
240624-kxkdwaxdqp
-
MD5
eb8bd1b42c3187d64fcc8f938de00872
-
SHA1
04a93db66775a324d7f7fd91832e3edbbab7a1d2
-
SHA256
86f933e386a970e1856a615b30ea02aca102d0b71e89bb3e29d7bc8d289a5f72
-
SHA512
9308f50957b5077cc8a88ef330b4a31ff33788be397c4c501adce0030283edd97e1e0de8026254e3d07cbf5b59832a6be9af40c5e34884634f64e1ac98e7e04e
-
SSDEEP
49152:3PSAT53KvgcNBwlUhmAmB3v+UGH1TDMuh3UVRhwxvwjeRakqvIXpXdr/:KhvPNBwahmAK/+/TDMuhshwxEQaSl
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
-
Target
86f933e386a970e1856a615b30ea02aca102d0b71e89bb3e29d7bc8d289a5f72
-
Size
2.3MB
-
MD5
eb8bd1b42c3187d64fcc8f938de00872
-
SHA1
04a93db66775a324d7f7fd91832e3edbbab7a1d2
-
SHA256
86f933e386a970e1856a615b30ea02aca102d0b71e89bb3e29d7bc8d289a5f72
-
SHA512
9308f50957b5077cc8a88ef330b4a31ff33788be397c4c501adce0030283edd97e1e0de8026254e3d07cbf5b59832a6be9af40c5e34884634f64e1ac98e7e04e
-
SSDEEP
49152:3PSAT53KvgcNBwlUhmAmB3v+UGH1TDMuh3UVRhwxvwjeRakqvIXpXdr/:KhvPNBwahmAK/+/TDMuhshwxEQaSl
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-