88bb3971c33a10cc7506840cd76e0ae9759b0560ea7bcf73cc22a4b5d64348dd | Triage

Submit
Reports

Overview

overview

Static

static

RFQVT-00040520.exe

windows7_x64

RFQVT-00040520.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

RFQVT-00040520.exe

Resource

win7-20220414-en

nanocore evasion keylogger spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQVT-00040520.exe

Resource

win10v2004-20220414-en

nanocore evasion keylogger spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

88bb3971c33a10cc7506840cd76e0ae9759b0560ea7bcf73cc22a4b5d64348dd
Size

427KB
MD5

22ba3d57882130702c16bfc7848a6338
SHA1

b80a1be365be016b502afca9686729a121cc1270
SHA256

88bb3971c33a10cc7506840cd76e0ae9759b0560ea7bcf73cc22a4b5d64348dd
SHA512

34d0812961dd6293d8c8fb60575dd29eaff721e2f4a00ff98fc72fa6613e4803b3f065d6411d57ee99809b7f70d55880da3d887a4950d1a4d6e320f09a3d26af
SSDEEP

12288:Qo3EamA5d5A6cFKncph8BoIhZRKKtLo9qbr89EiJ:QFa5A6Uh0FhLx5o9qbQaiJ

Score

N/A

Malware Config

Signatures

Files

88bb3971c33a10cc7506840cd76e0ae9759b0560ea7bcf73cc22a4b5d64348dd
.zip
RFQVT-00040520.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

y?A'1W
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy