Analysis
-
max time kernel
149s -
max time network
135s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
19-04-2024 12:35
Static task
static1
Behavioral task
behavioral1
Sample
rbxfpsunlocker-x64.zip
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
rbxfpsunlocker-x64.zip
Resource
win10v2004-20240412-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
rbxfpsunlocker.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral4
Sample
rbxfpsunlocker.exe
Resource
win10v2004-20240412-en
windows10-2004-x64
General
-
Target
rbxfpsunlocker.exe
-
Size
605KB
-
MD5
09d083f0e2c1e8a3561209902333ad8f
-
SHA1
d9692d3aba34a39aeb9e53cb3d25562b94e2e597
-
SHA256
83dfcb08ea4aa1b857d952a8a177db775d1a7e9cfc30b528848a4a29c8dbf0b9
-
SHA512
c71371263cacc4872a4bf621614940f08c9436062683be5de921ae6e509079e25ea380623e8945d40858819a664bd76590defb2a89949e8e5666190f1024ca6b
-
SSDEEP
12288:IKOjJsDc2+WC+D+4H/xeGofENaTSuGCC709:IKyacgDD+4fwG1NaTSw
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe 512 rbxfpsunlocker.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 512 rbxfpsunlocker.exe -
Suspicious use of SendNotifyMessage 1 IoCs
pid Process 512 rbxfpsunlocker.exe