General
-
Target
00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46.exe
-
Size
2.3MB
-
Sample
250318-1djw1a1rx9
-
MD5
f2598274439c3db1ee095a82ee6f0971
-
SHA1
64f8ce6db7eba1378364a390be024a418b24e74f
-
SHA256
00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46
-
SHA512
40f9419d63d4ec3264d1dcc3baea5f959b5d295633a9856c63912669e09e682d1c6fddc40c8bfb88762e57824c4f5c3783554bda234de89e43f40122830465f8
-
SSDEEP
49152:mGHMf+Ns38A7KxCB/l9Xv9obM27oZVehCpNtBWbYz5gVmdi:mRfhMAWcB/D9MML3ehCpnMEFgVui
Behavioral task
behavioral1
Sample
00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46.exe
Resource
win7-20241010-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46.exe
-
Size
2.3MB
-
MD5
f2598274439c3db1ee095a82ee6f0971
-
SHA1
64f8ce6db7eba1378364a390be024a418b24e74f
-
SHA256
00881b102df27366b1e6458095597cd420b7c1f3e18b473922af69528bd16c46
-
SHA512
40f9419d63d4ec3264d1dcc3baea5f959b5d295633a9856c63912669e09e682d1c6fddc40c8bfb88762e57824c4f5c3783554bda234de89e43f40122830465f8
-
SSDEEP
49152:mGHMf+Ns38A7KxCB/l9Xv9obM27oZVehCpNtBWbYz5gVmdi:mRfhMAWcB/D9MML3ehCpnMEFgVui
-
Risepro family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-