| Sample Hash | STIX JSON IOC Download | IOCs |
|---|---|---|
| 6542ce453a8d0e9d40f30b088e93048ebb64ebf2f6279df552b9f818a6145e82 | https://www.vmray.com/analyses/_vt/6542ce453a8d/report/stix-report-2-1.json | 193[.]233[.]132[.]253 |
| 6b6f0dee91b3d6a228c3ea8caae4db07c963d9991571339c238f5c735a33038e | https://www.vmray.com/analyses/_vt/6b6f0dee91b3/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| 9b7fc99774c864589fa2ed6a5c92cd0821a1f09611d5b34c37f715c68f70f1f3 | https://www.vmray.com/analyses/_vt/9b7fc99774c8/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| fd13d7cf78df7c365f1780276669ab4cc6cbad531f9cdc60d1dcb4e9eec70801 | https://www.vmray.com/analyses/_vt/fd13d7cf78df/report/stix-report-2-1.json | 193[.]233[.]132[.]74 |
| dd78b392705ccde6829aaa6e5a9bd81a33343f2ba1aa8a45b8fe20cb8355ce34 | https://www.vmray.com/analyses/_vt/dd78b392705c/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| 3dacf68502040ee5c167808d7814ed248cd71f4cfd3c025441747eb847555ae4 | https://www.vmray.com/analyses/_vt/3dacf6850204/report/stix-report-2-1.json | 193[.]233[.]132[.]216 |
| Â | Â | 193[.]233[.]132[.]74 |
| 66e792786a978b4b4edcc5990cc2ce8d107976145acd5dc053649a4f8d6b7347 | https://www.vmray.com/analyses/_vt/66e792786a97/report/artifacts/stix-report-2-0-iocs.json | 193[.]233[.]132[.]167 /cost/lenin.exe |
| Â | Â | 193[.]233[.]132[.]62:57893 /hera/amadka.exe |
| Â | Â | 193[.]233[.]132[.]167 /cost/go.exe |
| Â | Â | 193[.]233[.]132[.]56 /Pneh2sXQk0/index.php |
| Â | Â | 193[.]233[.]132[.]62 |
| 30e5b1065e0d70d2854a6f8a256d6fdad7a0b83d208a772d292f741978683fda | https://www.vmray.com/analyses/_vt/30e5b1065e0d/report/stix-report-2-1.json | 147[.]45[.]47[.]93 |
| 5d11d3500b6c0a448601c3c93ed548120d2e24be4d7985b27c092a1d22031dba | https://www.vmray.com/analyses/_vt/5d11d3500b6c/report/stix-report-2-1.json | agtrainingcentres[.]com /clip[.]exe |
| e3cf477f81b92aadec14dcee22db7f41c74fbcdddae110da05e3695e294a7ea7 | https://www.vmray.com/analyses/_vt/e3cf477f81b9/report/stix-report-2-1.json | 5[.]42[.]96[.]55 /lumma0805[.]exe |
| Â | Â | 5[.]42[.]96[.]55 |
| b4980cf355475d0879d2bac69fe4aacf7176c404da18ed6457756860428f406c | https://www.vmray.com/analyses/_vt/b4980cf35547/report/stix-report-2-1.json | 147[.]45[.]47[.]102 |
| Â | Â | 147[.]45[.]47[.]93 |
| b662fc479161e92aee6749fa4deb969c12a43eb4b34e913d1340671eba98b64c | https://www.vmray.com/analyses/_vt/b662fc479161/report/stix-report-2-1.json | 147[.]45[.]47[.]126 |
| Â | Â | 5[.]42[.]96[.]141 /go34ko8/index[.]php |
| Â | Â | 5[.]42[.]96[.]7 /cost/sarra[.]exe |
| Â | Â | 5[.]42[.]96[.]7 /mine/amers[.]exe |
| Â | Â | 5[.]42[.]96[.]7 /cost/random[.]exe |
| Â | Â | 5[.]42[.]96[.]7 /cost/go[.]exe |
| 70a0f8fd6eed4c25d8ffa4117f8b14bc289a18add0a6269e3eb698097085dce7 | https://www.vmray.com/analyses/_vt/70a0f8fd6eed/report/stix-report-2-1.json | 5[.]42[.]66[.]10 /download/th /Retailer_prog.exe |
| Â | Â | 5[.]42[.]96[.]55 /lumma0805[.]exe |
| Â | Â | 5[.]42[.]66[.]10 |
| Â | Â | 5[.]42[.]96[.]55 |
| Â | Â | 5[.]42[.]96[.]54 |
| Â | Â | sofaprivateawarderysj[.] shop/api |
| d10731ed80960b2fae5f0b589130e5b2f3c3f6c4e0cec16e68b361d6686334e8 | https://www.vmray.com/analyses/_vt/d10731ed8096/report/stix-report-2-1.json | 5[.]42[.]96[.]55 /lumma0805[.]exe |
| 7b9765aa1888bef1c9d1948b1fbe216eda07f0adb648f74b671d47b07aab39ab | https://www.vmray.com/analyses/_vt/7b9765aa1888/report/stix-report-2-1.json | easy2buy[.]ae |
| Â | Â | 193[.]233[.]132[.]47 |
RisePro stealer malware is evolving rapidly, adopting new techniques to evade detection and even mimicking Amadey samples. We've updated our YARA rule to stay ahead of these changes, ensuring accurate detection of the latest RisePro variants within the VMRay Platform.
Ready to stress-test your malware sandbox? Join us for a no-fluff, all-demo webinar that shows you real techniques to evaluate and optimize your sandboxing solution!
