RisePro stealer malware is evolving rapidly, adopting new techniques to evade detection and even mimicking Amadey samples. We've updated our YARA rule to stay ahead of these changes, ensuring accurate detection of the latest RisePro variants within the VMRay Platform.