PrivateLoader PPI Service Found Distributing Info-Stealing

PrivateLoader is an active malware in the loader market, used by multiple threat actors to deliver various payloads, mainly information stealer.

The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the RisePro info-stealing malware. The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the information-stealing malware dubbed RisePro, Flashpoint warns.

RisePro is being distributed through websites hosting pirated software, cracks, loaders, and similar illegal content, and infects endpoints through the PrivateLoader pay-per-install (PPI) malware distribution service.

According to the researchers, RisePro carries many similarities to PrivateLoader, prompting the researchers to conclude that the malware distribution platform now has its own infostealer. What’s more, they discovered that it was most likely built on Vidar as a foundation, as it uses the same system of embedded DLL dependencies.

The researchers describe PrivateLoader as a pay-per-install malware distribution service, often posing as a software crack, or a keygen.

Up until today, PrivateLoader only distributed RedLine Stealer or Raccoon, both of which are very popular infostealers in the cybercrime community.

Recommendation

Download only from legitimate software websites and always advised to have a strong antivirus solutions.

IoCs

RisePro C2

108.174.199.]249
108.174.200.]11
108.174.198.]132
my-rise.]cc
api.my-rise.]cc

Domains

greatsofteasy.]com
fixgroupfactor.]com
webproduct25.]com
gs24softeasy.]com
torggissoft.]com
teleportsoft.]com
testitsoft.]com
factor1right.]com
best24-files.]com
first-mirror.]com
elite-hacks.]ru
jojo-files.]com
my-rise.]cc
xx1-files.]com
hero-files.]com
my-rise.]pro
m-rise.]pro
pu-file.]com
pickofiles.]com
get-files24.]com
softs-portal.]com
boost-files.]com
files-rate.]com
get-24files.]com
upxlead.]com
gg-download.]com
files-sender.]com
rate-files.]com
gg-loader.]com

a5076f73a1cfd10fedf1368a26f9f358, 77270de2b41a639e9ca285f9014502a1a5b0b020, c70e26edeacbf1fa052f073959403ee9337a4aed13833553f8a3856fae013c9e
76ef5db3addbe357e753de73e7db258e, c126c8cc75f6f6ac4b4af125b85c499814053094, 478e97b727eb82979087c1d4c2450be18c2d3413ca8c648e7e2a067595ef8511
9b98ec558eb6fe1e4055d7535e17e37c, 1e416f2c40dfc44e60a65df8fd57524bf8e6f5ad, 5facf25f6b0d35a79444949b3175fabf3d788cbfbbbbb6551a867e1ddceb00a5
2ecae8d74f6cedfe5f06fd424c3cdc77, 0812df9653b27d994eb5f62e243a63d3ea28b1ec, 75b395cc766351e6f44f36dcbfdbabc2c4b43ef6fb26f845fb55569a57ebdbdd
a0dfcfb9936669128353663b82fa01b3, 400d3908600b45a8e27f9133cb4950f1e11d5b8d, 3fea5da905fb8cdb9ef203f85a2b0d37d9cbc8067fbf64d3e1849e84d99de3ee
e6b0e14676e5b72a638a142e46f658d9, 77723f0e3c933eff00e0ce1c823aee668d5c3bea, 2d34e214cbb14456357d2e3381692d188b1004d8ff26280e430c716e6e3730b6
ac2eae79e66ddf808900b5e2e261da9b, 69a403b81608457ad7106d4215e48e9207367f66, 49fea24c6d2f6340755a22687a6daf63ff2692fe81e6e067b8b2465bc21f49f9
12db8a9a0fb6baec2f801c640a8a4197, afa864c0d0fde050fd0d8694bf895b72d449969b, ae8becfd65df0625c7e4f2069cb57e6f3c022aff24db51666b4d8b8c6ab15a15
b3fbff1358ce82bc71009634c19ba2bf, 4b3d77895cd313db37793db0e5eb5fa2859c01b2, 28820e270265796566d6651f16651a5fd6c412b9290be07d2829c444d9392a02
dbe7d59705f5f919cc6354b81d746584, cc6284365d1d47460bed78dce4e237b95166a859, 3e38c14c9a27966b7768fa6a61a0bc86b79fdf8f554d232c26d0a13cd8dcdc36
46847232153f38a0326fe0e677a25b9e, f2303a12b73b6b033dde297ef8bdaf3f4cba6864, aa80643e117a896314fe6b1785cb65ab53561f66f5b679ba9f16a05f36e28674
319e5fbf83add883095fef277ac8e092, 8ae961c6b93f01bb6d7927223041f2d18ed3a2f9, b295631063a6186a09a9dfee224bca7af6d4ab1650e9d63cdc325cf3fe1cd3d6
5ab956806ec2e729b2c9c260ee3139f2, cb80fb19380b3dd20032763daa460af4452eebd7, ffae7d880fcb139d03941e1bc658ce463e179435f438d945c74067fe291beb23
dbe7d59705f5f919cc6354b81d746584, cc6284365d1d47460bed78dce4e237b95166a859, 3e38c14c9a27966b7768fa6a61a0bc86b79fdf8f554d232c26d0a13cd8dcdc36
e7cba894426bd9ca2cdc8b6d7ef31aae, 44afc3c4f62f062a746710440dde3ff7f29b4440, ad75f79f985b4ec690fe9280108ae51cec8ef1650581ed4e26497a5e2c2f3ef9
5df54fe48769bae887eaacb70eb23742, 0a20d79f8de58a088624f964f448846f5fe74afa, 4107f3166ce3c67f375514ed039d663f197261126724f229e8d3cda2e62728d0
0fc293ca3b73d1166ab149213ff1a240, 8b2a98870e2a1bd02bf72fc262068d07e620a233, 440cec1dd86d03c4e9a29a7b297a30a211f17d48828934a5a7121f1f4b97ef43
0fc293ca3b73d1166ab149213ff1a240, 8b2a98870e2a1bd02bf72fc262068d07e620a233, 440cec1dd86d03c4e9a29a7b297a30a211f17d48828934a5a7121f1f4b97ef43
0fc293ca3b73d1166ab149213ff1a240, 8b2a98870e2a1bd02bf72fc262068d07e620a233, 440cec1dd86d03c4e9a29a7b297a30a211f17d48828934a5a7121f1f4b97ef43
5df54fe48769bae887eaacb70eb23742, 0a20d79f8de58a088624f964f448846f5fe74afa, 4107f3166ce3c67f375514ed039d663f197261126724f229e8d3cda2e62728d0
0fc293ca3b73d1166ab149213ff1a240, 8b2a98870e2a1bd02bf72fc262068d07e620a233, 440cec1dd86d03c4e9a29a7b297a30a211f17d48828934a5a7121f1f4b97ef43
5df54fe48769bae887eaacb70eb23742, 0a20d79f8de58a088624f964f448846f5fe74afa, 4107f3166ce3c67f375514ed039d663f197261126724f229e8d3cda2e62728d0
0fc293ca3b73d1166ab149213ff1a240, 8b2a98870e2a1bd02bf72fc262068d07e620a233, 440cec1dd86d03c4e9a29a7b297a30a211f17d48828934a5a7121f1f4b97ef43
5df54fe48769bae887eaacb70eb23742, 0a20d79f8de58a088624f964f448846f5fe74afa, 4107f3166ce3c67f375514ed039d663f197261126724f229e8d3cda2e62728d0
fd1cabdc949d19b07ca9bfa206ae8560, f0eea0d1acca29bc82bcfe94b1ccb28d04581579, 057b33d69a28fb08733bb710ca22036aaee853791b958e8c4e0c81ae5eed6fcd
95fa2ab112ca196dfe5bdf0c13dd9396, d1e5ad285bb4506ae77c589682a5bc0a2afdec35, 58b1210213ac1cb9c4efe63d43390dfd43bf094408b16033f176e6700ad0fb29
95fa2ab112ca196dfe5bdf0c13dd9396, d1e5ad285bb4506ae77c589682a5bc0a2afdec35, 58b1210213ac1cb9c4efe63d43390dfd43bf094408b16033f176e6700ad0fb29
03366311b4fbe98c0a919b210cf2fa2b, c3f5b4a2203bf7769963852070f75ae7540fd180, 9564a7f5d7132fe8a97450e0fa4b628b7d802c885f034dc5d094260ff6a76716