Static task
static1
Behavioral task
behavioral1
Sample
RFQ.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
RFQ.exe
Resource
win10v2004-20220812-en
General
-
Target
RFQ.exe
-
Size
728KB
-
MD5
a214575adc54a392f7b3c5fe1bbfd83d
-
SHA1
0cbf1230e13a4040c20f68afb2a6a8a50852ca04
-
SHA256
b3040fd867cdeff5bc96e4c7120de616ba907d159fb580dc9ad4190d6e6ea7ab
-
SHA512
0b7879370873c2c89cabcaca060b09cf7518fbef55b249b8da014a0aaeb99981b4b5101b80ecf6036acd6ca94412a74ebca4ba1641c70d66fd984a1748fdf5b9
-
SSDEEP
12288:9PpBTR/4vetyXgcWbeJU2G4PZ0HeHNwyvD:Jx4ve4XgtfWWkNwyvD
Malware Config
Signatures
Files
-
RFQ.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 704KB - Virtual size: 698KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ