| Sample Hash | STIX JSON IOC Download | IOCs |
|---|---|---|
| 6542ce453a8d0e9d40f30b088e93048ebb64ebf2f6279df552b9f818a6145e82 | https://www.vmray.com/analyses/_vt/6542ce453a8d/report/stix-report-2-1.json | 193[.]233[.]132[.]253 |
| 6b6f0dee91b3d6a228c3ea8caae4db07c963d9991571339c238f5c735a33038e | https://www.vmray.com/analyses/_vt/6b6f0dee91b3/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| 9b7fc99774c864589fa2ed6a5c92cd0821a1f09611d5b34c37f715c68f70f1f3 | https://www.vmray.com/analyses/_vt/9b7fc99774c8/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| fd13d7cf78df7c365f1780276669ab4cc6cbad531f9cdc60d1dcb4e9eec70801 | https://www.vmray.com/analyses/_vt/fd13d7cf78df/report/stix-report-2-1.json | 193[.]233[.]132[.]74 |
| dd78b392705ccde6829aaa6e5a9bd81a33343f2ba1aa8a45b8fe20cb8355ce34 | https://www.vmray.com/analyses/_vt/dd78b392705c/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| 3dacf68502040ee5c167808d7814ed248cd71f4cfd3c025441747eb847555ae4 | https://www.vmray.com/analyses/_vt/3dacf6850204/report/stix-report-2-1.json | 193[.]233[.]132[.]216 |
| 193[.]233[.]132[.]74 | ||
| 66e792786a978b4b4edcc5990cc2ce8d107976145acd5dc053649a4f8d6b7347 | https://www.vmray.com/analyses/_vt/66e792786a97/report/artifacts/stix-report-2-0-iocs.json | 193[.]233[.]132[.]167 /cost/lenin.exe |
| 193[.]233[.]132[.]62:57893 /hera/amadka.exe | ||
| 193[.]233[.]132[.]167 /cost/go.exe | ||
| 193[.]233[.]132[.]56 /Pneh2sXQk0/index.php | ||
| 193[.]233[.]132[.]62 | ||
| 30e5b1065e0d70d2854a6f8a256d6fdad7a0b83d208a772d292f741978683fda | https://www.vmray.com/analyses/_vt/30e5b1065e0d/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| 5d11d3500b6c0a448601c3c93ed548120d2e24be4d7985b27c092a1d22031dba | https://www.vmray.com/analyses/_vt/5d11d3500b6c/report/stix-report-2-1.json | agtrainingcentres[.]com /clip[.]exe |
| e3cf477f81b92aadec14dcee22db7f41c74fbcdddae110da05e3695e294a7ea7 | https://www.vmray.com/analyses/_vt/e3cf477f81b9/report/stix-report-2-1.json | 5[.]42[.]96[.]55 /lumma0805[.]exe |
| 5[.]42[.]96[.]55 | ||
| b4980cf355475d0879d2bac69fe4aacf7176c404da18ed6457756860428f406c | https://www.vmray.com/analyses/_vt/b4980cf35547/report/stix-report-2-1.json | 147[.]45[.]47[.]102 |
| 147[.]45[.]47[.]93 | ||
| b662fc479161e92aee6749fa4deb969c12a43eb4b34e913d1340671eba98b64c | https://www.vmray.com/analyses/_vt/b662fc479161/report/stix-report-2-1.json | 147[.]45[.]47[.]126 |
| 5[.]42[.]96[.]141 /go34ko8/index[.]php | ||
| 5[.]42[.]96[.]7 /cost/sarra[.]exe | ||
| 5[.]42[.]96[.]7 /mine/amers[.]exe | ||
| 5[.]42[.]96[.]7 /cost/random[.]exe | ||
| 5[.]42[.]96[.]7 /cost/go[.]exe | ||
| 70a0f8fd6eed4c25d8ffa4117f8b14bc289a18add0a6269e3eb698097085dce7 | https://www.vmray.com/analyses/_vt/70a0f8fd6eed/report/stix-report-2-1.json | 5[.]42[.]66[.]10 /download/th /Retailer_prog.exe |
| 5[.]42[.]96[.]55 /lumma0805[.]exe | ||
| 5[.]42[.]66[.]10 | ||
| 5[.]42[.]96[.]55 | ||
| 5[.]42[.]96[.]54 | ||
| sofaprivateawarderysj[.] shop/api | ||
| d10731ed80960b2fae5f0b589130e5b2f3c3f6c4e0cec16e68b361d6686334e8 | https://www.vmray.com/analyses/_vt/d10731ed8096/report/stix-report-2-1.json | 5[.]42[.]96[.]55 /lumma0805[.]exe |
| 7b9765aa1888bef1c9d1948b1fbe216eda07f0adb648f74b671d47b07aab39ab | https://www.vmray.com/analyses/_vt/7b9765aa1888/report/stix-report-2-1.json | easy2buy[.]ae |
| 193[.]233[.]132[.]47 |
RisePro stealer malware is evolving rapidly, adopting new techniques to evade detection and even mimicking Amadey samples. We've updated our YARA rule to stay ahead of these changes, ensuring accurate detection of the latest RisePro variants within the VMRay Platform.
join VMRay for two powerhouse webinars designed to sharpen your threat detection and response capabilities — featuring a special joint session with Red Canary:
Live session's over. Watch the on-demand video to learn how VMRay and Red Canary combine forces to deliver faster, smarter threat detection!
Learn how to cut phishing triage time with automated detonation and deep analysis — quickly uncover threats while improving response accuracy!
