General
Target: e854f0b6e6506ccb5227f07b8122522b766f9833b74bce5127c46561995ab51c.exe
Size: 3.0MB
Sample: 250318-lkczpsyygv
MD5: 5fc9bc3ba9d0b1049df7ad8df8e08d07
SHA1: bbd31e9383e944ca453408d40ed2eb2fd5c87de6
SHA256: e854f0b6e6506ccb5227f07b8122522b766f9833b74bce5127c46561995ab51c
SHA512: 62ae524f66d0d01de504e5e999d5fd38817074aa4d9d8ce159835c027c52e9cdfcf56982ebfcbaf0744386830361b159b129c6a081785240e3795a7a3dfe510a
SSDEEP: 49152:eOBhu0uFXF0zRjz8DFs2DIFPvwkmpndb:hu0uFXF0zRP8DKIIFPvKdb
Static task: static1

Behavioral task: behavioral1
Sample: e854f0b6e6506ccb5227f07b8122522b766f9833b74bce5127c46561995ab51c.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: e854f0b6e6506ccb5227f07b8122522b766f9833b74bce5127c46561995ab51c.exe
Resource: win10v2004-20250314-en
Malware Config
Extracted
risepro
193.233.132.62:58709
Targets
Target
e854f0b6e6506ccb5227f07b8122522b766f9833b74bce5127c46561995ab51c.exe
Score: 10/10

Risepro family

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.