General
-
Target
f39af57919d6119847e6ecd6a9495fd0b0996a95b0bdf1d2440b6d6f296b1d18.exe
-
Size
4.0MB
-
Sample
250318-lx4m7aztay
-
MD5
5fe48966c2f11e09fd518e77118d6b1e
-
SHA1
71ac5d567f1485454b0a3b04cece2d40cf8c0fa0
-
SHA256
f39af57919d6119847e6ecd6a9495fd0b0996a95b0bdf1d2440b6d6f296b1d18
-
SHA512
392f086ce8eebaa66896a81b3795543f57086142d880f426b97240d106f8e4501222fb0725038750d70ce8d0e810d82c1048f2f761212b13cdbc632d4a7b4575
-
SSDEEP
98304:R+++MEQcFUcyrwHeeLn/I9QJo+W9NKdj5tskdoNr+OqWl:sMN9MeeLn/hJoZNKLtskdoNr+Za
Static task
static1
Behavioral task
behavioral1
Sample
f39af57919d6119847e6ecd6a9495fd0b0996a95b0bdf1d2440b6d6f296b1d18.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
f39af57919d6119847e6ecd6a9495fd0b0996a95b0bdf1d2440b6d6f296b1d18.exe
Resource
win10v2004-20250314-en
Malware Config
Extracted
risepro
193.233.132.47:50500
Targets
-
-
Target
f39af57919d6119847e6ecd6a9495fd0b0996a95b0bdf1d2440b6d6f296b1d18.exe
-
Score
10/10
-
Risepro family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-