6d567d0959ae8c664714535ee960910c49e5f61971858fa396e9edb19688c1b3

Submit
Reports

Overview

overview

Static

static

RBXIDLE.Se....0.exe

windows7-x64

RBXIDLE.Se....0.exe

windows10-2004-x64

$PLUGINSDI...er.dll

windows7-x64

$PLUGINSDI...er.dll

windows10-2004-x64

$PLUGINSDI...ls.dll

windows7-x64

$PLUGINSDI...ls.dll

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

$PLUGINSDI...em.dll

windows10-2004-x64

$PLUGINSDI...ll.dll

windows7-x64

$PLUGINSDI...ll.dll

windows10-2004-x64

LICENSES.c...m.html

windows7-x64

LICENSES.c...m.html

windows10-2004-x64

RBXIDLE.exe

windows7-x64

RBXIDLE.exe

windows10-2004-x64

resources/...te.cmd

windows7-x64

resources/...te.cmd

windows10-2004-x64

resources/...te.vbs

windows7-x64

resources/...te.vbs

windows10-2004-x64

resources/...on.dll

windows7-x64

resources/...on.dll

windows10-2004-x64

resources/...do.exe

windows7-x64

resources/...do.exe

windows10-2004-x64

resources/...sw.exe

windows7-x64

resources/...sw.exe

windows10-2004-x64

resources/...ies.js

windows7-x64

resources/...ies.js

windows10-2004-x64

resources/...cmd.js

windows7-x64

resources/...cmd.js

windows10-2004-x64

resources/...mon.js

windows7-x64

resources/...mon.js

windows10-2004-x64

resources/...log.js

windows7-x64

resources/...log.js

windows10-2004-x64

Analysis

max time kernel
119s
max time network
134s
platform
windows7_x64
resource
win7-20241023-en
resource tags

arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
submitted
17-11-2024 16:24

Sharing

Copy URL

Twitter E-mail

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

RBXIDLE.Setup.3.0.0.exe

Resource

win7-20240903-en

defense_evasion discovery execution

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

RBXIDLE.Setup.3.0.0.exe

Resource

win10v2004-20241007-en

defense_evasion discovery execution persistence privilege_escalation

windows10-2004-x64

23 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/SpiderBanner.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/SpiderBanner.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/StdUtils.dll

Resource

win7-20241010-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/StdUtils.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/WinShell.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/WinShell.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

LICENSES.chromium.html

Resource

win7-20240729-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral12

Sample

LICENSES.chromium.html

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral13

Sample

RBXIDLE.exe

Resource

win7-20240903-en

defense_evasion discovery execution

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral14

Sample

RBXIDLE.exe

Resource

win10v2004-20241007-en

defense_evasion discovery execution persistence privilege_escalation

windows10-2004-x64

19 signatures

150 seconds

Behavioral task

behavioral15

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/elevate/elevate.cmd

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/elevate/elevate.cmd

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/elevate/elevate.vbs

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/elevate/elevate.vbs

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/sudowin/Sudowin.Common.dll

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/sudowin/Sudowin.Common.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/sudowin/sudo.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/sudowin/sudo.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/winsw/winsw.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

resources/app.asar.unpacked/node_modules/node-windows/bin/winsw/winsw.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/binaries.js

Resource

win7-20241010-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/binaries.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/cmd.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/cmd.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/daemon.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/daemon.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/eventlog.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

resources/app.asar.unpacked/node_modules/node-windows/lib/eventlog.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

resources/app.asar.unpacked/node_modules/node-windows/bin/sudowin/Sudowin.Common.dll
Size

20KB
MD5

71a3ccef13df30b88d681714fe0386fa
SHA1

e717d0d9890f11f15e5f4ff62d91b43a188760e2
SHA256

ab3f0d95abc0041c4413a52f42447d4a49f2f09b746b78c297449880206cb844
SHA512

60f65d428dbc560dcfff5218dcc938a8a3f5a723c6017277f2dbf5ca0fc9c1ccd551ead227831a5dc4c251d8da30737149d49d86b8fede3b933e4da69328d450
SSDEEP

96:hDFBwPfHy3S2xncBrtx9WQN8m2sam8vnC8DKnDvaqYqiVaVYZ3lkb1qqAKiVu4Jh:K/QWtzWfmhKC8ODvaXdVaV4+pz4/y

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\node-windows\bin\sudowin\Sudowin.Common.dll,#1
1⤵
PID:2652

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads