92b2d2a44e57ae9d47806eba7e62ef0d0e3b152e822803845e9bfe74adb6efc3 | Triage

Analysis

max time kernel
120s
max time network
115s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
15/07/2024, 15:00

Sharing

Report Analysis Logs

General

Target

rbxfpsunlocker.exe
Size

605KB
MD5

09d083f0e2c1e8a3561209902333ad8f
SHA1

d9692d3aba34a39aeb9e53cb3d25562b94e2e597
SHA256

83dfcb08ea4aa1b857d952a8a177db775d1a7e9cfc30b528848a4a29c8dbf0b9
SHA512

c71371263cacc4872a4bf621614940f08c9436062683be5de921ae6e509079e25ea380623e8945d40858819a664bd76590defb2a89949e8e5666190f1024ca6b
SSDEEP

12288:IKOjJsDc2+WC+D+4H/xeGofENaTSuGCC709:IKyacgDD+4fwG1NaTSw

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe
3456	rbxfpsunlocker.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3456	rbxfpsunlocker.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
3456	rbxfpsunlocker.exe

C:\Users\Admin\AppData\Local\Temp\rbxfpsunlocker.exe
"C:\Users\Admin\AppData\Local\Temp\rbxfpsunlocker.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads