Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system -
submitted
12-11-2024 01:49
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
RFQ.exe
Resource
win7-20240729-en
1 signatures
150 seconds
General
-
Target
RFQ.exe
-
Size
2.1MB
-
MD5
388cda6f9ff919c387e097bd12538c7c
-
SHA1
1ab6a7ede3eeb8c4a99f0176e42fb5f6950842bf
-
SHA256
0183ba97dbe99cfbc5aa2966de3239d27bb7d14cab59bc2fb9d268645b475fbc
-
SHA512
77bc4335af3c69fae5762569b0207a038d2abedb907706214fb2210d1dd00db09055c240873a8c638a5f1b7eee74517af2e7f56677de940d43a53da5b88299ac
-
SSDEEP
12288:pFv5TD20phWGTZoH6NE+B1rFVoiYYQdjgLytJRA0VlxTQ6u:7h2ibTKQPvQdjgKVl1Q6u
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
RFQ.exe
description               pid    Process
Token: SeDebugPrivilege   1892   RFQ.exe