Overview

overview

7

Static

static

3

Roblox.Acc...el.zip

windows7-x64

3

Roblox.Acc...el.zip

windows10-2004-x64

1

Auto Update.exe

windows7-x64

3

Auto Update.exe

windows10-2004-x64

6

RBX Alt Manager.exe

windows7-x64

3

RBX Alt Manager.exe

windows10-2004-x64

7

x86/CefSha...re.dll

windows7-x64

3

x86/CefSha...re.dll

windows10-2004-x64

3

x86/CefSha...re.pdb

windows7-x64

3

x86/CefSha...re.pdb

windows10-2004-x64

3

x86/CefSha...ss.exe

windows7-x64

3

x86/CefSha...ss.exe

windows10-2004-x64

3

x86/CefSha...ss.pdb

windows7-x64

3

x86/CefSha...ss.pdb

windows10-2004-x64

3

x86/CefSha...me.dll

windows7-x64

3

x86/CefSha...me.dll

windows10-2004-x64

3

x86/CefSha...me.pdb

windows7-x64

3

x86/CefSha...me.pdb

windows10-2004-x64

3

x86/CefSha...me.xml

windows7-x64

3

x86/CefSha...me.xml

windows10-2004-x64

1

x86/CefSharp.dll

windows7-x64

1

x86/CefSharp.dll

windows10-2004-x64

1

x86/LICENSE.txt

windows7-x64

1

x86/LICENSE.txt

windows10-2004-x64

1

x86/README.txt

windows7-x64

1

x86/README.txt

windows10-2004-x64

1

x86/chrome...nt.pak

windows7-x64

3

x86/chrome...nt.pak

windows10-2004-x64

3

x86/chrome...nt.pak

windows7-x64

3

x86/chrome...nt.pak

windows10-2004-x64

3

x86/chrome_elf.dll

windows7-x64

3

x86/chrome_elf.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    07/08/2024, 03:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RBX Alt Manager.exe

  • Size

    4.4MB

  • MD5

    db3a0207dd39b1692cbd150500e09f44

  • SHA1

    fb68e8a9b61c9d1d4b4eabbb4e9130913758805a

  • SHA256

    ec4eb14e72654eb14002e1eb67b212c0109ec5e0057b0f9a1e9d8535eab8137f

  • SHA512

    f347302572881e476ca3c629f608ad98252aa85f3b1472e638fb1cf6db6cd9735d7d8b491aff2a43016efc2f4a592b21c5b1fd7ef45ff780bc3f3e734f9db623

  • SSDEEP

    98304:R2bT1QzcmapX3TJcKGFjy4uJkqXf0Fk7WSgyO9W7:SQzWNdcKbdkSIk7DgyO9W

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\RBX Alt Manager.exe
    "C:\Users\Admin\AppData\Local\Temp\RBX Alt Manager.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2052
    • C:\Users\Admin\AppData\Local\Temp\RBX Alt Manager.exe
      "C:\Users\Admin\AppData\Local\Temp\RBX Alt Manager.exe"
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:2916
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=RBX Alt Manager.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2872
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
          4⤵
          • System Location Discovery: System Language Discovery
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2620

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b9eb17651575ba4759d49538fcce2e2

    SHA1

    7d74aa2d426fe68263648fc4fde255302b5c59dc

    SHA256

    36e780a84e0eaf300a2dd27cee78b83f26fba49564ab4b45fed7797d34d4578b

    SHA512

    7fb7948bf771dfc61994b0433d61bb8c1b1b9fcde2de51822313da20cb5dc03fee356b399ee4acf831648a221d87448b7d2ac72a9c131b24b45cdef8611383d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96b9bd41b35bfac8b3107cd607d8f395

    SHA1

    bdf1ed60e9b96cf47df84801cc7cbddaaa0a21d3

    SHA256

    8e70b0cdde885e89009b136b9b7a25b2ccd7b6dc08d3b66605782e74adf662d4

    SHA512

    1132ff24838a149c27bab9da9c09b3b76fafb15a67f9eaca9e1a4b8ec77f497dff597cfb19ea7279b9dee98a4712e4fe080876fa938e757e00cd0e1ce8138475

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1787ddcbaad30ed5b9a25ca1b3b697b9

    SHA1

    9b2c36efd1d70e46cecfe541158fcfcaf82b4205

    SHA256

    1fac3fe542d79e8fd10f54403bd192889d3aef51e6121a86c7c9ef8cc3f24b51

    SHA512

    4495b3719fb25febee060f56a9a8d51ea28f41c76ab47e6c04ea9e2deae0810ac673499b3a4c3921503bda1e6bba86297c784e47a4da03ec9c5bfdbdcbc3cb28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5daafb83d48d70b9b0596cf426242a5b

    SHA1

    b82a8dca71be770812176f3a54e26c3e51c97b72

    SHA256

    c39bf3efac5228016ec1e72bebb9fd062b5d6dd3edf12eda4741bba6dfe64b8d

    SHA512

    74ac58f7e7008687fe8652c4101b7a2e0bbf42040530d641c6b2c3ee41f8e5c8a17d8537849bbde875afa29f37f1ac6716d95d789b31124eb2b7d38620729af8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6cf40a35468d76f0fee55d293e6c5cc

    SHA1

    02b78295c808e8fd73d6fa3ce1945a51d8f36fce

    SHA256

    5a65fdd5d72681b76b53fa9031411e02f7a4ea22c2a4c02d0a8cafd390208b0a

    SHA512

    ac020aefe9b33f8dabe47d7d9ecb7b0cd30b0ebfe54ea2ed43bf6e9c71e4cecef897bde51124392e70d0c4f7b31fc4ae576f41d7bec9ecb02961c4f96f4bfbea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c3aaf357e504a92a574c81cbc00433ef

    SHA1

    0ee83a3e2de4b2db1916261ed8fd8795a425a897

    SHA256

    b8a6548c70f7f8d622cbb4bcb784d3d77ad0d2e82fbe484417b0b63f7bbe7d1a

    SHA512

    d7830d7c42c7e4cafddc5852ea2ff3995d907dc64e97752883453fa820a4eda3f4319a994d6d543ad14641b5645f10ad269ed3361ce8410535400ca95bc07e1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b88fa570d88f39b0505a2c81c6e2311

    SHA1

    c2c7239efdfd345014a60510aa5fdb901bf475c2

    SHA256

    ee69ba579c98ebae97edf700db2efaf83c880605c29621f952a12b093ad8cd1d

    SHA512

    29a6cdaa4f52d9479f4420f339acd4d3a8287eb007180265d3d546f30d6286c8dc8164ec9d26f16b50cd384d2e0408acb41ffb195ea3adbac72cc827efce4047

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69554856f5eadd6bdc4abd292dc4f5b5

    SHA1

    285ca72e8a50077746b42c6b14e98287ee55e539

    SHA256

    6f55ea7d6e630faa4de7dabcccabbfb8a269442d90aeddef4dbc925f5012f920

    SHA512

    6caee7b9d5f947668d630138dd7e14e331e38d4936910a50b74c0515ae8a04c16cba2ee34e1f391445d11534adc3e123255d8b63b27995acbb80716aa271fb64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    492e6ecb0efc89974a365498d33fc3ad

    SHA1

    31020c3b1e203b3a42704bcd3c8ea89662f3467a

    SHA256

    80b5770191883f0e8cb2e0032efaf146cecb3eded88991790e5063678fbbb965

    SHA512

    e0720d73ac3f10b49090d4c4b9ac5a0a8204cb8983c8246f41ef65e45b3f628c5b3dfddb90bef257f2bd24a00aa47784a29a3c85742ebea2155252ba9f7ed4a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e9ed50c3c464cebbc18fd9a6cfcc1f6

    SHA1

    fd94c2a2c737fc8a6cb1189b1e36b42f5c798e9f

    SHA256

    a7d7c0177137ae61245e9c399fb537025f6157f68d3878d786296abf27e3485b

    SHA512

    5def4baa2e0793e68f7f86eead2d5cadf6836163a6ba9d915a32915f852cd6634391202c1f796aae00f021e54358262cb85b0e54c66ebac3e343a7d99857a7bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86ba4851ff60ba0c2fe4204919526eef

    SHA1

    b13c20c42ed037beba3201829e694e13a544edba

    SHA256

    208d38ed4703c24f5b0e951ebce64fbc74352843556a56bbb27e53c7763b08aa

    SHA512

    5cf7c6bbcab5425d7c24d236a039a624b8b6212bbe71d5c65fbdd2712ed159f9c029e56531fc4af22f03229590cdfc3599be59f8a76077c2340f6504d9831b0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92d996b6ba45fc691c7a9137393b0cc4

    SHA1

    270cb040cdb95ca4c60806fdb6136cce07957747

    SHA256

    9118022f4fcdd51cc2a98a435fb8531a5043b9b169c6ea81815cc678651dd87b

    SHA512

    fdcd7a89bfa82fa651f9c288a71e17e2fa0e442812740178e7e404ac89bd6ed9b844986872c54da7d04823c3baf5edec63724b0df8d15c6a4fe3ab3c9f8432e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    063441a547f2925cd113fac81ccca33f

    SHA1

    177045c83d11c597be173f240b7c3c1ba41af571

    SHA256

    b410b33e14a89261d35963c3b048f6d17f85f60a28c0669e08bafb408eee7b1c

    SHA512

    a4043deeccf00dab019530e79ca4e4b1b7e6d67ac2aee07da57d77a271a6932fb1abcd9f7ac7e625be37584c30cdd25e7e3ee158481be6b06936573fcbe81823

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66e9e01cc2db30e27cc9ec43c497bda6

    SHA1

    3f98071991ebe50950930ab04e30278d536d965d

    SHA256

    2858f5debe1f47dd714a11e3020fa068410352b710322f5e019637b603d0d0f9

    SHA512

    0529e2157193a1f0e9b28e8853272d83ddbc27198b433d0f25cef4d09a6489423f285330cafee9bdc98070c01f3be162659501beb166badf1a3d797dfa2b81f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    15a319de4a5472522d5d145ea0cc905f

    SHA1

    85a4ca9be04f56c26335647bb6133319b438b851

    SHA256

    a5194bca3eb68b19c861d3c7acbb4fb44a4fb8441f871d9bb60e45ffa875d704

    SHA512

    0938ed68c19a9d737ac7bcae743e0e30a4ebb7391e88de1acdf421fb7db5b28045a93feb68a862b9d4dee687b06901db600729e6e5328f9851d3fd7d85e6e03a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50cec61b9ebeca4a4127fc2236a96346

    SHA1

    1c90bb5c6a9ae752f2f3c06fc9b80a3acb41bedc

    SHA256

    43c3076f91e945e1c57533f2088dd60cce2aa10935f269ea8debb7aaf9d261e6

    SHA512

    12ce957498237b4b95ff9ad1d81089bce204ae65103c1e968aa0cbb5f7ffe117477af79b27a49a38daacb0cc1e7e236a1fc435d944e8a55e44ec97dc79dc3216

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb96ef1c0568f14b7f67ff318bc1437d

    SHA1

    9e0022540b98725b26c08df2c5a7045a0b7d8ff0

    SHA256

    e8a615f8752eda127c9fd48a60fb29e5c2b55f1698b1006a81ea4729a22e8c2d

    SHA512

    c19318f73a72a8c338aeebcc1a97c4126b377f0113dd86990c207593ee706c8fb0efb8bd8176bcd72c7122cea8fff03d885eda295bd09ecb9910434fa6870657

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c99d360bca03c65124fdc6f0ddf7937c

    SHA1

    b1350ab5231bbe7b96b75852efd403dc651f6d25

    SHA256

    07220d2b30922d9a0164390f82faca7deb2f4a3cd4743ee6322dc71503e5cc70

    SHA512

    f5e422a4e1cf7d781a2bfcf2a13f367e401ca0af705d5445bd0a0ff8438242ddb90a739f6bba59e2d0a04ae0f7a3bd3ccbf2f6331edab149306ad79be01fa537

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2bca8b6e17a37ed376eddb3338f37047

    SHA1

    99352cb92af4d6ffa384bd664ce19fac5b10bcae

    SHA256

    0d7c301ebbb799e502320254164a7632d45e41e5dafe441d29db74f7773d1062

    SHA512

    ed4b3b3ae056c63c70c6d0da3701e587fa624bca60dbfcce6946164063d1c638914027fc16c901ce7a362ac02cea98163cad3f389ad33c8bd87c7b6181925275

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    64a5c25adbfe238de1314afa217d6db6

    SHA1

    803c80e720af71a3034384d0bf7ebc2147fc7ce5

    SHA256

    2264977f41e725f7e690c262894d66afff0bbdac60df67b09fb7cec47dda3767

    SHA512

    40caaa541fe677550d654dddf2db05f5db5de98df5544944bfe7f8e6af55ce9c2de73ffb510c142ac7de6ed98f364b13a14c0c06b75195578c8b004ffba16d45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    76da625e328c6f935d8dbdfbf5dfd998

    SHA1

    caa4e11ea4d34122f939d5d5ac0f4828211d1e74

    SHA256

    bf07af1ed299146b5030566d7b2a671ac3358becbd501944015e10c1d4bef889

    SHA512

    671583b821b57bad20571148901f430c1d0e1784c7509ac6d9fabdcb8b082a0ef54f15194b80ddf8f741d0125f7c5c43248679f2e1cac8e9a271d127cd7d6397

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f002a1e6ae7e2995d48c260aab182a58

    SHA1

    d4ad2014f915022cdb58e29e0bd29438708d9c06

    SHA256

    ddd35f7f29d610529e84bd537c3dc44047133e63f0f5a331008d075a0fe54f8e

    SHA512

    501c08905f9d3e73d9d39c6ea8bd074dbb4c6a195ce76a3bcee4fe8c6c1bac741ebd9e0fff8fe2b7ea850672a9e1b7292d5b4200130a4258dbdbb98961280df4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab61B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\RBX Alt Manager.exe.config
    Filesize

    2KB

    MD5

    3af58cc4ea567ff23275857a7662903b

    SHA1

    14cc53e5aaf65da4315436c9b85768ae04e94569

    SHA256

    b19b7fdd8aa951e1ad15cf5f2c901f1c0a2c9b86a87added6268a72c97d1aa88

    SHA512

    6d277743a1ac3fd520aa3e9dc2d3b6c8346d7f0dc2742ed716ae55ebd660e1cbe9bb754639cbda0d31561982bb89efd44c2328f382c27eb092339d0709dad253

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar63D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2052-4-0x0000000000400000-0x0000000000414000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2052-5-0x00000000004E0000-0x00000000004F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2052-0-0x000000007437E000-0x000000007437F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2052-6-0x00000000056C0000-0x00000000057D6000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2052-11-0x0000000074370000-0x0000000074A5E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2052-3-0x0000000074370000-0x0000000074A5E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2052-2-0x0000000000B10000-0x0000000000B56000-memory.dmp

    Filesize

    280KB

    Download

  • memory/2052-1-0x0000000000CD0000-0x0000000001130000-memory.dmp

    Filesize

    4.4MB

    Download