Overview

overview

7

Static

static

3

RFQ.exe

windows7-x64

3

RFQ.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    RFQ.exe

  • Size

    801KB

  • Sample

    240416-l1vvfsfc39

  • MD5

    4d82cc1b35b8dc9ec7d149f1b8b95e95

  • SHA1

    a1d363742603070b3fc7d2db4fc431307618b1b8

  • SHA256

    eedd6d6a9ec4bf82ca87e66c1ae5b86983e8479598df71f3602283b93dd07035

  • SHA512

    4551b327f1b1fe4bc7e915898cc5eb1f89b5d0ccfe4c714591cb83fffed7d1c508071248c8c54cb0ce5e66ad800641e6b1b37496ce1a34b5c5814d7fe044334a

  • SSDEEP

    24576:D29ueLM9QItbS+57TPtSr2h3POtV3lAiwN:D29ueL6tbV57jtSrUPUw

Score
7/10
discovery

Malware Config

Targets

    • Target

      RFQ.exe

    • Size

      801KB

    • MD5

      4d82cc1b35b8dc9ec7d149f1b8b95e95

    • SHA1

      a1d363742603070b3fc7d2db4fc431307618b1b8

    • SHA256

      eedd6d6a9ec4bf82ca87e66c1ae5b86983e8479598df71f3602283b93dd07035

    • SHA512

      4551b327f1b1fe4bc7e915898cc5eb1f89b5d0ccfe4c714591cb83fffed7d1c508071248c8c54cb0ce5e66ad800641e6b1b37496ce1a34b5c5814d7fe044334a

    • SSDEEP

      24576:D29ueLM9QItbS+57TPtSr2h3POtV3lAiwN:D29ueL6tbV57jtSrUPUw

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks