RisePro stealer malware is evolving rapidly, adopting new techniques to evade detection and even mimicking Amadey samples. We've updated our YARA rule to stay ahead of these changes, ensuring accurate detection of the latest RisePro variants within the VMRay Platform.