7915d1944ec2780bed64a19249568ea68a18a98e4786425304d8f38800daef29

Analysis

max time kernel
117s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
07-02-2024 00:07

Target

RBXpannel.exe
Size

15.8MB
MD5

6b633d08e1dfb5b24cd5d781f859e3ea
SHA1

df70d18aa28f2f0124b770b618038eca05be5b31
SHA256

7915d1944ec2780bed64a19249568ea68a18a98e4786425304d8f38800daef29
SHA512

4b4a9920ea548fea51bb903055b5350c67cb29ac4ff4b9482a89bbc2b9e5984e0fddea5ffab5c1e7c9811e4bfce2d71107d552dbde79ea897e80ce74876d6b9c
SSDEEP

393216:USEkMD2ntpUTLfhJsW+eGQRCMTozGxu8C0ibfz6e57Y1bmXiWCUI:USUDaHUTLJSW+e5RLoztZ026e5WFVUI

Score

7^/10

Loads dropped DLL 1 IoCs

pid	Process
2736	RBXpannel.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 2736	2188	RBXpannel.exe	28
PID 2188 wrote to memory of 2736	2188	RBXpannel.exe	28
PID 2188 wrote to memory of 2736	2188	RBXpannel.exe	28

C:\Users\Admin\AppData\Local\Temp\RBXpannel.exe
"C:\Users\Admin\AppData\Local\Temp\RBXpannel.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Users\Admin\AppData\Local\Temp\RBXpannel.exe
  "C:\Users\Admin\AppData\Local\Temp\RBXpannel.exe"
  2⤵
  - Loads dropped DLL
  PID:2736

C:\Users\Admin\AppData\Local\Temp\_MEI21882\python312.dll

Filesize
6.7MB

MD5
48ebfefa21b480a9b0dbfc3364e1d066

SHA1
b44a3a9b8c585b30897ddc2e4249dfcfd07b700a

SHA256
0cc4e557972488eb99ea4aeb3d29f3ade974ef3bcd47c211911489a189a0b6f2

SHA512
4e6194f1c55b82ee41743b35d749f5d92a955b219decacf9f1396d983e0f92ae02089c7f84a2b8296a3062afa3f9c220da9b7cd9ed01b3315ea4a953b4ecc6ce

Download Submit