General

  • Target

    RFQ.exe

  • Size

    671KB

  • MD5

    2e59c7961eabc8d79c3ab14cb31265ac

  • SHA1

    876dcba192ce05586f61cf36a89331a32b1f0731

  • SHA256

    8da5d531256d55bde006c357a260e4b4bc1daf904dbef15193a2884056679db8

  • SHA512

    6c3a295bf76c2af30b4feda03e798e584992edf0843b113adb6053bf454a2b7d7f5d5e8f864fa61baedebf4215421d93b7b252d8bd8f4d8a83b1db71ce7f9eb7

  • SSDEEP

    12288:6yHBw65KQM9PR8hcQfHsPogG7WvS4aGEllLHeyhF1umF:dHC6FM9PjQfMPtGKvS4aGYL+yhF1umF

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • RFQ.exe
    .exe windows:4 windows x86 arch:x86

    b40f29cd171eb54c01b1dd2683c9c26b


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


  • Vesiculotomy.Rom
  • anarchises/Aerolitic.opk
  • anarchises/Virkeliges.Pip
  • cuocos.hal
  • holosaprophyte.txt
  • ssterparti.inc