Overview

overview

5

Static

static

RFQ0128SR2...ED.exe

windows7_x64

5

RFQ0128SR2...ED.exe

windows10_x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RFQ0128SR20KWT_DEUNGJU_FAKRU_AND_NAVEED.exe

  • Size

    838KB

  • Sample

    210113-4rc5pgn462

  • MD5

    c27de4eb9217d995c1c5f139c96626b0

  • SHA1

    4e235c872ae7717bc2d5c371a7ad5492bc7de56a

  • SHA256

    4f9f34f2e3c9dc355556166b5cc06f20648e29800f9b93cb8512703d826c6972

  • SHA512

    7dd20e125ce7180a4801994116d14a18b6534b8897eeb552bb5ec15b485a5e22395b7dafa0694548459a2e24c2d4709e6ac1bf1f667a0bcfdb39807a8f204f1b

Score
5/10

Malware Config

Targets

    • Target

      RFQ0128SR20KWT_DEUNGJU_FAKRU_AND_NAVEED.exe

    • Size

      838KB

    • MD5

      c27de4eb9217d995c1c5f139c96626b0

    • SHA1

      4e235c872ae7717bc2d5c371a7ad5492bc7de56a

    • SHA256

      4f9f34f2e3c9dc355556166b5cc06f20648e29800f9b93cb8512703d826c6972

    • SHA512

      7dd20e125ce7180a4801994116d14a18b6534b8897eeb552bb5ec15b485a5e22395b7dafa0694548459a2e24c2d4709e6ac1bf1f667a0bcfdb39807a8f204f1b

    Score
    5/10

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks