General

  • Target: 00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46.exe
  • Size: 2.3MB
  • Sample: 250318-1djw1a1rx9
  • MD5: f2598274439c3db1ee095a82ee6f0971
  • SHA1: 64f8ce6db7eba1378364a390be024a418b24e74f
  • SHA256: 00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46
  • SHA512: 40f9419d63d4ec3264d1dcc3baea5f959b5d295633a9856c63912669e09e682d1c6fddc40c8bfb88762e57824c4f5c3783554bda234de89e43f40122830465f8
  • SSDEEP: 49152:mGHMf+Ns38A7KxCB/l9Xv9obM27oZVehCpNtBWbYz5gVmdi:mRfhMAWcB/D9MML3ehCpnMEFgVui

Malware Config

Extracted

  • Family: risepro
  • C2: 147.45.47.126:58709

Targets

    • RisePro: RisePro stealer is an infostealer distributed by PrivateLoader.
    • Risepro family
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
    • Themida packer: Detects Themida, an advanced Windows software protection system.
    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
