General
Target: RFQ.jar
Size: 360KB
Sample: 201013-sf88drmpde
MD5: 54a4d1c8b02bceb2c48d49f43db3a510
SHA1: d0cf537542156ab8b6c1c5f6522ccc91e2421766
SHA256: 9c7fc51d9b11381d7cbdef16dea123d384455f9d8828340337a420dc21b8a0d7
SHA512: 88ae24ac1a64291a5431a171969a7a2a34b4f2bd4db31ee8b67a4818fe1f31406d1373b9360a5d4f457ecfb83dd22aa5f478ec019ba8ca18a8cc12616ecc847e
Static task: static1
Behavioral task: behavioral1 (Sample: RFQ.jar, Resource: win7)
Behavioral task: behavioral2 (Sample: RFQ.jar, Resource: win10v200722)
Malware Config
Targets
Target: RFQ.jar
Size: 360KB
Score: 10/10
- Executes dropped EXE
- Adds Run key to start application
- JavaScript code in executable
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.