General
Target: RFQUOTE_JANUARY_STOCKLIST_18TH.exe
Size: 1.5MB
Sample: 210118-hrdp3w6rds
MD5: c94e30adf3bdd6d0316071781d5803b9
SHA1: fb98cb99a63ba3b6344700a6d5e2abcdd6d9e96c
SHA256: 50835c6c6d8bd3415be9849c272876e863b792c035f052a03449aefb646a600a
SHA512: 3f671796011f1964dbfef62dfc4815577390e15d7fc59f62bb2883f1ae709028e403ec194fed6bd02b8e2e48fa24f71dc0c725ab5016f532ee30b47805899be9
Static task: static1
Behavioral task: behavioral1
Sample: RFQUOTE_JANUARY_STOCKLIST_18TH.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: RFQUOTE_JANUARY_STOCKLIST_18TH.exe
Resource: win10v20201028
Malware Config
Targets
Target: RFQUOTE_JANUARY_STOCKLIST_18TH.exe
Loads dropped DLL
JavaScript code in executable
Suspicious use of SetThreadContext