General

  • Target

    RFOInstaller.exe

  • Size

    7.5MB

  • MD5

    bece4a811119a546900da52780a8af4b

  • SHA1

    47d6a6ac39054adf79d032808de818d11f056e65

  • SHA256

    2f856bcfa64557df04167594c1659c75e5fb293a38329ce4adc57e728677dfab

  • SHA512

    be7ba543b6fc93ea443c692a8d34a7b1598ac9e0e8fd3a359ef3367bd3a157eb866030fcd19310778d7a174b18dd67595658d2d52fc669da1e03bb5628a23356

  • SSDEEP

    98304:Du2HzHqdVfB2FS27wBDKSh0uyuT/9vUIdD9C+z3zO917vOTh+ezDNh7nvmJ1nmOe:Du2rQsKRh9bT/9bvLz3S1bA3z2n97sR

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with PyInstaller (1 IoC)
  • Blankgrabber family

Files

  • RFOInstaller.exe
    .exe windows:5 windows x64

    20d446c1cb128febd23deb17efb67cf6



  • �ʗ�B.pyc