General

Target: 20.07.07_rfq Specification.exe
Size: 542KB
Sample: 200707-hlffrbjlea
MD5: 78447ae11a2552d9354c524d6ab09272
SHA1: 9c065990e4146b2c6149a40135f21ec5ea3c5d74
SHA256: 5a6950daf886f38d5abd60f63c7a1aebec0b51dceaac314bd3818007a3ab3f09
SHA512: b9839885f0d1333c38966c041a210ddac7e009409f746a231fb8f9cd2c9e525fcb65298382d2c962995960e1b3e72eca3f543e3866b4280b2f665e2e42db66c6

Static task: static1

Behavioral task: behavioral1
Sample: 20.07.07_rfq Specification.exe
Resource: win7

Behavioral task: behavioral2
Sample: 20.07.07_rfq Specification.exe
Resource: win10v200430

Malware Config
Targets
Target: 20.07.07_rfq Specification.exe
Score: 7/10

Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.

Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Suspicious use of SetThreadContext