Sample details: 1df591c2579f5a25dcc43390cad30938

Hashes
MD5: 1df591c2579f5a25dcc43390cad30938
SHA1: 1e20c412f65bbc172656ab96d419259afa10c086
SHA256: 14c6692169470ed8a959632002ae9d61aae1e758a73c00bf938e53dd74b799ef
SSDEEP: 3072:WwJ52Y7ZoH5XJac8lL6V51d5Skr8iJODBURIFN2NGZCcHVq88:WwHysc8lC5Skr7O9IIPXHVQ
Details
File Type: PE32
Yara Hits
YRP/Nullsoft_PiMP_Stub_SFX | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/escalate_priv | YRP/screenshot | YRP/win_registry | YRP/win_token | YRP/win_private_profile | YRP/win_files_operation | YRP/CRC32_poly_Constant |
Source
http://securedownload2.duckdns.org:7373/docs/RFQ8.exe
http://securedownload2.duckdns.org:7373/docs/RFQ7.exe