Overview

overview

10

Static

static

3

RFQ 261023.exe

windows7-x64

10

RFQ 261023.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-11-2023 16:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RFQ 261023.exe

  • Size

    349KB

  • MD5

    c77ed66a06eaa6254d70a50e91fe68f6

  • SHA1

    4523ac24ed151f6cd5cfceba37ad725e1a8afc0f

  • SHA256

    25540f55ae5a200dd9635f60a3b62458b6d95386d0d92eab2282facc6f51084e

  • SHA512

    d22fbea9fe6baa38ca6e3bd6d9324f70e9bf035a456a65751079b55968cc18920f3dbff69de97384ef2e27f27c54ea8597456f6176d035b8c220c672a992590b

  • SSDEEP

    6144:tMVvcrQJL4IYYfnnZYJo57RuoGBfu9w9RzixhDeICv1M/Y8Q5AVSiwMpr5WR5oL1:2VE6VYYfIwRu7ICv1M/Y8Q5AVSiwcr5L

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\RFQ 261023.exe
    "C:\Users\Admin\AppData\Local\Temp\RFQ 261023.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:396
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      2⤵
        PID:2572

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/396-0-0x00000000009A0000-0x00000000009FE000-memory.dmp

      Filesize

      376KB

      Download

    • memory/396-1-0x0000000075200000-0x00000000759B0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/396-2-0x0000000005A90000-0x0000000006034000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/396-3-0x00000000053E0000-0x0000000005472000-memory.dmp

      Filesize

      584KB

      Download

    • memory/396-4-0x0000000005480000-0x00000000054D4000-memory.dmp

      Filesize

      336KB

      Download

    • memory/396-5-0x0000000075200000-0x00000000759B0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/396-6-0x0000000005590000-0x00000000055A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/396-7-0x0000000005840000-0x00000000058DC000-memory.dmp

      Filesize

      624KB

      Download

    • memory/396-8-0x00000000057A0000-0x00000000057AA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/396-10-0x0000000075200000-0x00000000759B0000-memory.dmp

      Filesize

      7.7MB

      Download