General

  • Target

    RFQ.exe

  • Size

    545KB

  • Sample

    200709-zr97k1vmre

  • MD5

    a7a942d798deac862153e3624a669b73

  • SHA1

    ab5c7794a24bd7f1825c2d6f651c780c98d5daaa

  • SHA256

    775cbf86bee09ee9b8024f2d8da2ce47cbfc29d2a907df7387bc87fbfae40dcd

  • SHA512

    8282dac628b341e13a2191b5fee67d3946cf71fe3c3800be8b281162a2a00040504f74b360e09aecec3555f970cf58eeaf54f4db995851908479b799a6901357

Score
7/10

Malware Config

Targets

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

  • Reads user/profile data of local email clients

    Email clients store some user data on disk, where infostealers will often target it.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials.

  • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks